urlscan.io logo urlscan.io
SecurityTrails logo

www.shefinds.com Open in urlscan Pro
2606:4700:10::6816:4f8f  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Submission: On September 04 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 286 IPs in 16 countries across 241 domains to perform 2743 HTTP transactions. The main IP is 2606:4700:10::6816:4f8f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.shefinds.com. The Cisco Umbrella rank of the primary domain is 121030.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on September 26th 2022. Valid for: a year.
This is the only time www.shefinds.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
67 2606:4700:10:... 13335 (CLOUDFLAR...)
4 151.101.130.207 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 151.101.65.91 54113 (FASTLY)
2 2607:f8b0:400... 15169 (GOOGLE)
2 13.225.214.49 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
63 199.232.193.131 54113 (FASTLY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.46.189.107 16625 (AKAMAI-AS)
12 151.101.65.140 54113 (FASTLY)
18 18 20.225.97.235 8075 (MICROSOFT...)
8 13.225.63.59 16509 (AMAZON-02)
1 13.225.214.11 16509 (AMAZON-02)
1 13.35.93.5 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.192.161.188 16509 (AMAZON-02)
1 108.139.47.108 16509 (AMAZON-02)
4 52.203.133.62 14618 (AMAZON-AES)
5 2a03:2880:f01... 32934 (FACEBOOK)
1 18.164.116.24 16509 (AMAZON-02)
1 108.138.106.49 16509 (AMAZON-02)
1 34.102.147.248 396982 (GOOGLE-CL...)
1 4 2600:9000:220... 16509 (AMAZON-02)
1 151.101.193.91 54113 (FASTLY)
1 108.138.128.110 16509 (AMAZON-02)
3 5 2620:116:800b... 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
2 52.21.15.216 14618 (AMAZON-AES)
2 18.164.131.120 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
53 2607:f8b0:400... 15169 (GOOGLE)
2 13.225.63.122 16509 (AMAZON-02)
1 14 2606:4700:10:... 13335 (CLOUDFLAR...)
7 151.101.130.217 54113 (FASTLY)
3 18.164.101.60 16509 (AMAZON-02)
27 2a04:4e42:600... 54113 (FASTLY)
8 2607:f8b0:400... 15169 (GOOGLE)
2 209.54.178.200 16509 (AMAZON-02)
7 108.138.128.49 16509 (AMAZON-02)
37 18.173.219.123 16509 (AMAZON-02)
2 13.225.214.90 16509 (AMAZON-02)
1 2600:9000:220... 16509 (AMAZON-02)
20 54.230.163.92 16509 (AMAZON-02)
1 13.35.93.71 16509 (AMAZON-02)
33 172.64.149.180 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
2 104.19.150.54 13335 (CLOUDFLAR...)
1 3 18.164.116.98 16509 (AMAZON-02)
1 18.164.96.90 16509 (AMAZON-02)
4 184.73.5.153 14618 (AMAZON-AES)
1 13.35.93.81 16509 (AMAZON-02)
2 151.101.193.140 54113 (FASTLY)
1 6 34.230.226.68 14618 (AMAZON-AES)
1 2600:9000:21d... 16509 (AMAZON-02)
1 20.40.202.0 8075 (MICROSOFT...)
1 108.139.29.52 16509 (AMAZON-02)
2 13.225.214.79 16509 (AMAZON-02)
6 2606:4700:10:... 13335 (CLOUDFLAR...)
72 135 68.67.160.137 29990 (ASN-APPNEX)
43 47 15.197.193.217 16509 (AMAZON-02)
8 13 162.248.18.37 62713 (AS-PUBMATIC)
20 45 69.173.151.100 26667 (RUBICONPR...)
7 12 34.111.113.62 396982 (GOOGLE-CL...)
45 62 142.251.40.194 15169 (GOOGLE)
7 53 69.166.1.67 27630 (AS-XFERNET)
71 80 199.127.204.147 26120 (RHYTHMONE)
16 108.138.107.138 16509 (AMAZON-02)
12 2a03:2880:f11... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
3 34.239.25.47 14618 (AMAZON-AES)
2 52.94.225.95 16509 (AMAZON-02)
2 34.120.155.137 396982 (GOOGLE-CL...)
1 50.16.31.29 14618 (AMAZON-AES)
1 52.204.63.111 14618 (AMAZON-AES)
14 2620:100:a001::4 19750 (AS-CRITEO)
1 2600:9000:251... 16509 (AMAZON-02)
13 2607:f8b0:400... 15169 (GOOGLE)
1 3.239.232.201 14618 (AMAZON-AES)
4 3.16.120.123 16509 (AMAZON-02)
1 2600:9000:26f... 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 23.46.189.209 16625 (AKAMAI-AS)
1 18.164.96.54 16509 (AMAZON-02)
22 18.164.96.59 16509 (AMAZON-02)
4 35.190.38.143 15169 (GOOGLE)
1 35.241.9.51 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
12 24 35.190.60.146 15169 (GOOGLE)
1 2 107.178.254.65 15169 (GOOGLE)
1 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 2600:9000:220... 16509 (AMAZON-02)
16 34.194.32.208 14618 (AMAZON-AES)
1 13.35.93.23 16509 (AMAZON-02)
1 52.73.128.118 14618 (AMAZON-AES)
1 13.225.214.91 16509 (AMAZON-02)
19 2607:f8b0:400... 15169 (GOOGLE)
10 34.107.254.252 396982 (GOOGLE-CL...)
1 18.211.247.225 14618 (AMAZON-AES)
10 20 2620:100:a001::c 19750 (AS-CRITEO)
1 13.225.214.20 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
9 167.172.234.98 14061 (DIGITALOC...)
2 4 52.73.67.203 14618 (AMAZON-AES)
8 18.164.129.159 16509 (AMAZON-02)
1 13.225.66.47 16509 (AMAZON-02)
1 52.85.61.61 16509 (AMAZON-02)
16 74.119.119.139 19750 (AS-CRITEO)
9 104.91.102.49 16625 (AKAMAI-AS)
5 108.138.128.124 16509 (AMAZON-02)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
3 18.164.124.103 16509 (AMAZON-02)
18 27 72.251.238.254 32475 (SINGLEHOP...)
64 69.173.151.96 26667 (RUBICONPR...)
3 199.250.161.129 26459 (TTD-ASN-01)
3 52.206.147.220 14618 (AMAZON-AES)
21 172.64.148.101 13335 (CLOUDFLAR...)
11 34.202.91.172 14618 (AMAZON-AES)
20 38 63.251.114.182 32475 (SINGLEHOP...)
4 50.19.69.24 14618 (AMAZON-AES)
2 108.138.128.63 16509 (AMAZON-02)
14 2620:100:a001... 19750 (AS-CRITEO)
3 24 147.75.198.144 54825 (PACKET)
11 52.4.33.45 14618 (AMAZON-AES)
32 2602:803:c002... 26667 (RUBICONPR...)
2 54.81.115.164 14618 (AMAZON-AES)
25 34.149.50.64 396982 (GOOGLE-CL...)
1 35.241.45.217 15169 (GOOGLE)
1 2600:9000:220... 16509 (AMAZON-02)
1 65 52.46.128.147 16509 (AMAZON-02)
7 13.35.93.19 16509 (AMAZON-02)
4 162.19.138.83 16276 (OVH)
2 7 54.243.179.35 14618 (AMAZON-AES)
2 108.138.128.71 16509 (AMAZON-02)
1 13.226.34.8 16509 (AMAZON-02)
1 2 34.102.243.38 396982 (GOOGLE-CL...)
5 5 2600:9000:220... 16509 (AMAZON-02)
9 9 2620:112:f002... 6336 (TURN-US-ASN)
1 1 23.197.180.24 16625 (AKAMAI-AS)
7 85 51.222.39.186 16276 (OVH)
6 6 34.133.71.175 396982 (GOOGLE-CL...)
11 17 54.237.116.249 14618 (AMAZON-AES)
15 106 192.40.39.223 27381 (CASALE-MEDIA)
1 2600:9000:251... 16509 (AMAZON-02)
8 44.215.82.85 14618 (AMAZON-AES)
9 9 80.77.87.161 46636 (NATCOWEB)
17 57 35.244.159.8 15169 (GOOGLE)
14 19 23.105.12.170 30633 (LEASEWEB-...)
28 28 2606:ae80:145... 25751 (VALUECLICK)
3 2600:9000:251... 16509 (AMAZON-02)
30 184.29.128.213 16625 (AKAMAI-AS)
2 35.173.120.247 14618 (AMAZON-AES)
72 96.17.65.140 16625 (AKAMAI-AS)
15 18 198.148.27.131 19189 (PULSEPOINT)
44 49 3.225.218.10 14618 (AMAZON-AES)
23 18.208.74.11 14618 (AMAZON-AES)
15 56 52.223.22.214 16509 (AMAZON-02)
7 7 8.43.72.97 26667 (RUBICONPR...)
16 19 185.184.8.90 204995 (RTB-HOUSE...)
2 4 34.96.105.8 396982 (GOOGLE-CL...)
8 11 213.19.162.90 3356 (LEVEL3)
24 3.221.79.249 14618 (AMAZON-AES)
71 85 141.95.33.111 16276 (OVH)
6 67 3.214.33.241 14618 (AMAZON-AES)
68 72 35.211.178.172 15169 (GOOGLE)
1 1 131.153.172.93 19437 (SS-ASH)
18 23 64.202.112.191 22075 (AS-OUTBRAIN)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
16 18 52.72.213.198 14618 (AMAZON-AES)
14 50 2600:1f18:4e9... 14618 (AMAZON-AES)
9 9 54.146.97.31 14618 (AMAZON-AES)
31 42 8.18.47.7 398989 (DEEPINTENT)
14 14 64.74.236.223 22075 (AS-OUTBRAIN)
8 16 104.126.112.185 16625 (AKAMAI-AS)
9 9 75.101.237.145 14618 (AMAZON-AES)
4 10 37.157.5.84 198622 (ADFORM)
7 10 52.71.250.162 14618 (AMAZON-AES)
9 9 35.207.24.140 15169 (GOOGLE)
12 12 96.46.183.20 7979 (SERVERS-COM)
3 3 2603:c020:400... 31898 (ORACLE-BM...)
1 35 195.244.31.11 63140 (IGUANA-WO...)
25 25 67.202.105.21 32748 (STEADFAST)
10 11 52.73.129.194 14618 (AMAZON-AES)
5 5 3.227.72.71 14618 (AMAZON-AES)
25 32 8.28.7.82 62713 (AS-PUBMATIC)
6 7 151.101.130.49 54113 (FASTLY)
1 1 124.146.215.44 2514 (INFOSPHER...)
3 3 34.102.163.6 396982 (GOOGLE-CL...)
10 14 8.28.7.81 62713 (AS-PUBMATIC)
19 19 207.198.113.86 13768 (COGECO-PEER1)
25 25 23.1.200.83 16625 (AKAMAI-AS)
1 162.248.18.10 62713 (AS-PUBMATIC)
2 39 23.227.139.243 55081 (24SHELLS)
1 34.107.140.17 396982 (GOOGLE-CL...)
18 54.203.119.5 16509 (AMAZON-02)
1 108.139.29.50 16509 (AMAZON-02)
5 9 162.248.18.34 62713 (AS-PUBMATIC)
17 54.211.152.139 14618 (AMAZON-AES)
3 22 173.231.178.117 32475 (SINGLEHOP...)
22 23 52.3.219.49 14618 (AMAZON-AES)
17 17 216.200.232.249 30419 (MEDIAMATH...)
9 96.17.64.29 16625 (AKAMAI-AS)
100 121 63.251.28.234 26558 (FREEWHEEL)
25 18.164.96.81 16509 (AMAZON-02)
3 72.247.66.215 16625 (AKAMAI-AS)
4 27 52.1.195.92 14618 (AMAZON-AES)
4 52.5.87.197 14618 (AMAZON-AES)
16 2600:9000:251... 16509 (AMAZON-02)
16 45.133.44.3 39572 (ADVANCEDH...)
1 40.76.134.238 8075 (MICROSOFT...)
13 23 8.28.7.83 62713 (AS-PUBMATIC)
1 104.18.111.252 13335 (CLOUDFLAR...)
18 184.29.128.199 16625 (AKAMAI-AS)
4 4 178.250.1.9 44788 (ASN-CRITE...)
12 12 3.214.218.211 14618 (AMAZON-AES)
2 2 34.199.23.6 14618 (AMAZON-AES)
3 52.95.122.74 16509 (AMAZON-02)
7 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.211.233.246 15169 (GOOGLE)
4 4 74.119.119.150 19750 (AS-CRITEO)
14 2600:9000:21d... 16509 (AMAZON-02)
1 2 34.229.3.43 14618 (AMAZON-AES)
14 2600:141b:f00... 20940 (AKAMAI-ASN1)
10 3.209.40.124 14618 (AMAZON-AES)
3 2600:1400:900... 20940 (AKAMAI-ASN1)
4 11 168.119.146.39 24940 (HETZNER-AS)
1 4 67.202.105.33 32748 (STEADFAST)
4 4 216.22.16.8 30633 (LEASEWEB-...)
3 3 35.190.90.30 15169 (GOOGLE)
1 1 47.252.78.131 45102 (ALIBABA-C...)
3 3 82.145.213.8 39832 (NO-OPERA)
3 3 52.205.242.31 14618 (AMAZON-AES)
3 4 34.195.149.193 14618 (AMAZON-AES)
1 1 23.23.164.24 14618 (AMAZON-AES)
2 2 34.96.71.22 396982 (GOOGLE-CL...)
3 3 104.22.69.131 13335 (CLOUDFLAR...)
3 3 204.62.13.72 46636 (NATCOWEB)
2 2 192.132.33.46 18568 (BIDTELLECT)
1 2600:1400:900... 20940 (AKAMAI-ASN1)
1 2a06:8640:987::2 55081 (24SHELLS)
6 6 185.167.164.49 198622 (ADFORM)
2 5 141.226.224.48 200478 (TABOOLA-AS)
30 2600:1f13:800... 16509 (AMAZON-02)
7 2620:100:a001... 19750 (AS-CRITEO)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
5 6 35.227.252.103 15169 (GOOGLE)
1 8.28.7.105 62713 (AS-PUBMATIC)
3 6 216.22.16.9 30633 (LEASEWEB-...)
17 34.117.239.71 396982 (GOOGLE-CL...)
11 11 199.38.167.131 54312 (ROCKETFUEL)
14 45.133.44.4 39572 (ADVANCEDH...)
5 8 52.201.153.89 14618 (AMAZON-AES)
3 4 54.92.247.49 14618 (AMAZON-AES)
2 2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 52.10.88.47 16509 (AMAZON-02)
15 2a06:8640:799... 55081 (24SHELLS)
3 23.21.152.207 14618 (AMAZON-AES)
3 3 52.2.71.224 14618 (AMAZON-AES)
18 18 54.156.152.169 14618 (AMAZON-AES)
5 5 69.90.254.78 13768 (COGECO-PEER1)
7 8 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 172.105.221.240 63949 (AKAMAI-LI...)
2 3 35.186.193.173 15169 (GOOGLE)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 162.55.120.196 24940 (HETZNER-AS)
1 195.5.165.20 44968 (IPROM-AS)
3 3 104.91.114.229 16625 (AKAMAI-AS)
1 34.246.44.25 16509 (AMAZON-02)
1 1 34.102.253.54 396982 (GOOGLE-CL...)
1 1 188.166.17.21 14061 (DIGITALOC...)
22 3.210.210.147 14618 (AMAZON-AES)
3 44.212.237.84 14618 (AMAZON-AES)
1 15.235.42.103 16276 (OVH)
11 2600:1f18:61c... 14618 (AMAZON-AES)
2 2 34.160.19.107 396982 (GOOGLE-CL...)
2 13.226.34.120 16509 (AMAZON-02)
2 5 50.57.31.206 19994 (RACKSPACE)
3 3 18.224.133.115 16509 (AMAZON-02)
3 3 159.89.246.130 14061 (DIGITALOC...)
1 3 2620:112:f002... 6336 (TURN-US-ASN)
2 15 174.137.133.32 27257 (WEBAIR-IN...)
3 3 52.73.44.187 14618 (AMAZON-AES)
6 199.127.204.163 26120 (RHYTHMONE)
3 169.197.150.7 398989 (DEEPINTENT)
4 2606:ae80:145... 25751 (VALUECLICK)
4 34.237.83.209 14618 (AMAZON-AES)
2 69.166.1.32 27630 (AS-XFERNET)
3 23.105.14.96 30633 (LEASEWEB-...)
13 2a06:8640:764::2 55081 (24SHELLS)
4 104.36.115.111 62713 (AS-PUBMATIC)
2 3.209.206.63 14618 (AMAZON-AES)
3 6 34.228.108.181 14618 (AMAZON-AES)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 3.212.173.20 14618 (AMAZON-AES)
1 2 54.209.98.22 14618 (AMAZON-AES)
1 74.119.119.147 19750 (AS-CRITEO)
1 2600:9000:24f... 16509 (AMAZON-02)
1 35.211.200.231 19527 (GOOGLE-2)
1 2600:9000:21d... 16509 (AMAZON-02)
2 2 34.232.140.51 14618 (AMAZON-AES)
16 2607:f8b0:400... 15169 (GOOGLE)
1 3 2600:1f18:612... 14618 (AMAZON-AES)
22 35.245.208.4 396982 (GOOGLE-CL...)
1 1 130.211.9.179 15169 (GOOGLE)
1 35.201.111.96 396982 (GOOGLE-CL...)
2 2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 6 2606:4700:20:... 13335 (CLOUDFLAR...)
2 172.64.152.89 13335 (CLOUDFLAR...)
3 3 35.208.249.213 15169 (GOOGLE)
3 5 35.186.154.107 396982 (GOOGLE-CL...)
2 75.2.13.80 16509 (AMAZON-02)
1 1 172.105.221.29 63949 (AKAMAI-LI...)
4 4 3.221.48.93 14618 (AMAZON-AES)
1 99.83.181.31 16509 (AMAZON-02)
18 2600:1400:900... 20940 (AKAMAI-ASN1)
1 1 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 3.94.248.42 14618 (AMAZON-AES)
39 2606:4700:10:... 13335 (CLOUDFLAR...)
17 17 2600:1f16:e61... 16509 (AMAZON-02)
21 21 2620:116:800b... 14618 (AMAZON-AES)
1 1 52.3.79.25 14618 (AMAZON-AES)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 2 108.138.106.17 16509 (AMAZON-02)
1 13.225.214.84 16509 (AMAZON-02)
2 2600:1901:0:8... 15169 (GOOGLE)
1 35.172.60.244 14618 (AMAZON-AES)
4 2600:9000:210... 16509 (AMAZON-02)
6 23.200.0.30 20940 (AKAMAI-ASN1)
1 1 185.184.10.30 203690 (RTB-HOUSE...)
1 1 2600:1f18:765... 14618 (AMAZON-AES)
1 1 8.2.110.206 46636 (NATCOWEB)
5 130.211.23.194 15169 (GOOGLE)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
2 6 142.250.176.198 15169 (GOOGLE)
9 185.106.140.18 7979 (SERVERS-COM)
2 5 172.98.26.246 399668 (E-PLANNING-)
2 2607:f8b0:400... 15169 (GOOGLE)
3 130.211.16.136 15169 (GOOGLE)
1 23.205.56.163 16625 (AKAMAI-AS)
6 104.91.111.199 16625 (AKAMAI-AS)
1 1 3.80.12.105 14618 (AMAZON-AES)
1 1 2a04:4e42:600... 54113 (FASTLY)
2 2 143.244.208.184 14061 (DIGITALOC...)
1 2 3.105.86.85 16509 (AMAZON-02)
1 3.220.28.161 14618 (AMAZON-AES)
3 34.117.157.22 396982 (GOOGLE-CL...)
4 4 23.206.216.29 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 38.98.69.175 174 (COGENT-174)
3 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 7 34.197.192.192 14618 (AMAZON-AES)
66 104.127.91.228 16625 (AKAMAI-AS)
1 151.101.1.108 54113 (FASTLY)
1 1 35.244.216.234 15169 (GOOGLE)
3 3 8.2.110.113 46636 (NATCOWEB)
18 209.192.201.180 7979 (SERVERS-COM)
2 2 35.210.53.219 19527 (GOOGLE-2)
2 2 44.199.144.94 14618 (AMAZON-AES)
4 2a02:6ea0:c40... 60068 (CDN77 ^_^)
3 156.146.36.23 60068 (CDN77 ^_^)
8 212.36.83.245 ()
1 212.36.83.246 ()
2743 286
67    2606:4700:10::6816:4f8f (United States)

ASN13335 (CLOUDFLARENET, US)
www.shefinds.com
4    151.101.130.207 (United States)

ASN54113 (FASTLY, US)
bc.marfeelcache.com
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    151.101.65.91 (United States)

ASN54113 (FASTLY, US)
cloud.typenetwork.com
2    2607:f8b0:4006:823::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    13.225.214.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-49.ewr50.r.cloudfront.net
cdn.boomtrain.com
2    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
63    199.232.193.131 (United States)

ASN54113 (FASTLY, US)
ads.blogherads.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    23.46.189.107 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-189-107.deploy.static.akamaitechnologies.com
s.ntv.io
12    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
embed.reddit.com
18    20.225.97.235 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
stripe.rs-stripe.com
tr.rev-stripe.com
8    13.225.63.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-59.ewr53.r.cloudfront.net
images-prod.powerinboxedge.com
1    13.225.214.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-11.ewr50.r.cloudfront.net
branding.revenuestripe.com
1    13.35.93.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-5.jfk50.r.cloudfront.net
launcher.spot.im
5    2606:4700::6813:d383 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
2    54.192.161.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-161-188.ewr53.r.cloudfront.net
z-na.amazon-adsystem.com
1    108.139.47.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-108.jfk50.r.cloudfront.net
widget.sellwild.com
4    52.203.133.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-133-62.compute-1.amazonaws.com
people.api.boomtrain.com
5    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    18.164.116.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-24.jfk50.r.cloudfront.net
static.bam-x.com
1    108.138.106.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-49.jfk50.r.cloudfront.net
static.hotjar.com
1    34.102.147.248 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 248.147.102.34.bc.googleusercontent.com
intljs.rmtag.com
4    2600:9000:2209:5800:e:ec66:e40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.keywee.co
1    151.101.193.91 (United States)

ASN54113 (FASTLY, US)
fastly-cloud.typenetwork.com
1    108.138.128.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-110.jfk50.r.cloudfront.net
cdn.viglink.com
5    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    52.21.15.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-15-216.compute-1.amazonaws.com
onsite.boomtrain.net
2    18.164.131.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-131-120.jfk50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
3    2607:f8b0:4006:821::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
53    2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    13.225.63.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-122.ewr53.r.cloudfront.net
cache.sellwild.com
14    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
p.ad.gt
ids.ad.gt
7    151.101.130.217 (United States)

ASN54113 (FASTLY, US)
ads.shemedia.com
3    18.164.101.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-101-60.jfk50.r.cloudfront.net
cdn.parsely.com
27    2a04:4e42:600::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
8    2607:f8b0:4006:80f::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    209.54.178.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
aax-us-east.amazon-adsystem.com
7    108.138.128.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-49.jfk50.r.cloudfront.net
direct-events-collector.spot.im
pix.spot.im
37    18.173.219.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-123.jfk52.r.cloudfront.net
static-cdn.spot.im
2    13.225.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-90.ewr50.r.cloudfront.net
publisher-assets.spot.im
1    2600:9000:2209:d400:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)
d15kdpgjg3unno.cloudfront.net
20    54.230.163.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-163-92.ewr53.r.cloudfront.net
tagan.adlightning.com
1    13.35.93.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-71.jfk50.r.cloudfront.net
cdn.adsafeprotected.com
33    172.64.149.180 (United States)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    2600:9000:210b:d000:1b:9b08:7f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.rhombusads.com
2    104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.permutive.com
3    18.164.116.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-98.jfk50.r.cloudfront.net
sb.scorecardresearch.com
1    18.164.96.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-90.jfk50.r.cloudfront.net
script.hotjar.com
4    184.73.5.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-5-153.compute-1.amazonaws.com
events.release.narrativ.com
1    13.35.93.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-81.jfk50.r.cloudfront.net
comparisons.sovrn.com
2    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
w3-reporting.reddit.com
6    34.230.226.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-226-68.compute-1.amazonaws.com
jadserve.postrelease.com
1    2600:9000:21dd:ac00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    20.40.202.0 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
lightboxapi.azurewebsites.net
1    108.139.29.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-52.jfk50.r.cloudfront.net
cdn-gateflipp.flippback.com
2    13.225.214.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-79.ewr50.r.cloudfront.net
tags.remixd.com
6    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
135    68.67.160.137 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
ib.adnxs.com
nym1-ib.adnxs.com
47    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
13    162.248.18.37 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
45    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
12    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
62    142.251.40.194 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
53    69.166.1.67 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
80    199.127.204.147 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
16    108.138.107.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-107-138.jfk50.r.cloudfront.net
c.amazon-adsystem.com
12    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:32::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    34.239.25.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-25-47.compute-1.amazonaws.com
srv-2023-09-04-02.pixel.parsely.com
2    52.94.225.95 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
fls-na.amazon-adsystem.com
2    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
1    50.16.31.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-31-29.compute-1.amazonaws.com
id.sv.rkdms.com
1    52.204.63.111 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-63-111.compute-1.amazonaws.com
idx.liadm.com
14    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2600:9000:2511:3c00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
13    2607:f8b0:4006:817::2001 (United States)

ASN15169 (GOOGLE, US)
dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com
5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com
tpc.googlesyndication.com
2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com
20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com
1    3.239.232.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-239-232-201.compute-1.amazonaws.com
sqs.us-east-1.amazonaws.com
4    3.16.120.123 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-16-120-123.us-east-2.compute.amazonaws.com
socialcanvas-api.kargo.com
1    2600:9000:26fa:4800:13:6a46:aa00:93a1 (United States)

ASN16509 (AMAZON-02, US)
socialcanvas-cdn.kargo.com
2    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
8    23.46.189.209 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-189-209.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
px.moatads.com
1    18.164.96.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-54.jfk50.r.cloudfront.net
vc.hotjar.io
22    18.164.96.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-59.jfk50.r.cloudfront.net
api-2-0.spot.im
4    35.190.38.143 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 143.38.190.35.bc.googleusercontent.com
pubcast-files.remixd.com
player-files.remixd.com
1    35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co
1    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
pixels.ad.gt
24    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2600:9000:2209:c00:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)
dyv1bugovvq1g.cloudfront.net
16    34.194.32.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-32-208.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    13.35.93.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-23.jfk50.r.cloudfront.net
ats.rlcdn.com
1    52.73.128.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-128-118.compute-1.amazonaws.com
async01.admantx.com
1    13.225.214.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-91.ewr50.r.cloudfront.net
p.flipp.com
19    2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com
api.permutive.com
1    18.211.247.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-247-225.compute-1.amazonaws.com
pixel.keywee.co
20    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    13.225.214.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-20.ewr50.r.cloudfront.net
native.sharethrough.com
4    2607:f8b0:4006:81c::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
9    167.172.234.98 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: bidstream-nyc-02.advertserve.org
ads.bidstreamserver.com
4    52.73.67.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-67-203.compute-1.amazonaws.com
api.viglink.com
8    18.164.129.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-129-159.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
1    13.225.66.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-66-47.ewr53.r.cloudfront.net
d3r7h55ola878c.cloudfront.net
1    52.85.61.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-61-61.ewr53.r.cloudfront.net
geo.privacymanager.io
16    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
9    104.91.102.49 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-102-49.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
5    108.138.128.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-124.jfk50.r.cloudfront.net
tags.crwdcntrl.net
5    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    18.164.124.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-103.jfk50.r.cloudfront.net
get.s-onetag.com
27    72.251.238.254 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
64    69.173.151.96 (United States)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
3    199.250.161.129 (United States)

ASN26459 (TTD-ASN-01, US)
direct.adsrvr.org
3    52.206.147.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-147-220.compute-1.amazonaws.com
krk.kargo.com
21    172.64.148.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
r.casalemedia.com
11    34.202.91.172 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-91-172.compute-1.amazonaws.com
g2.gumgum.com
38    63.251.114.182 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
4    50.19.69.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-69-24.compute-1.amazonaws.com
pre.ads.justpremium.com
match.justpremium.com
2    108.138.128.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-63.jfk50.r.cloudfront.net
hb.undertone.com
14    2620:100:a001::18 (United States)

ASN19750 (AS-CRITEO, US)
bidder.criteo.com
24    147.75.198.144 (Parsippany, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
11    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
32    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    54.81.115.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-81-115-164.compute-1.amazonaws.com
tlx.3lift.com
25    34.149.50.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.50.149.34.bc.googleusercontent.com
s.seedtag.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
1    2600:9000:2209:dc00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
65    52.46.128.147 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
7    13.35.93.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-19.jfk50.r.cloudfront.net
sheknows-tagan.adlightning.com
4    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
7    54.243.179.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-179-35.compute-1.amazonaws.com
bcp.crwdcntrl.net
sync.crwdcntrl.net
id.crwdcntrl.net
2    108.138.128.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-71.jfk50.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.226.34.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-8.ewr53.r.cloudfront.net
signal-beacon.s-onetag.com
2    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
pandg.tapad.com
5    2600:9000:2209:b200:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
9    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    23.197.180.24 (Billerica, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-180-24.deploy.static.akamaitechnologies.com
cs.media.net
85    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
6    34.133.71.175 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.71.133.34.bc.googleusercontent.com
um.simpli.fi
17    54.237.116.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-116-249.compute-1.amazonaws.com
rtb.gumgum.com
106    192.40.39.223 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
ssum.casalemedia.com
1    2600:9000:2514:2800:17:c484:6380:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-tam.minutemedia-prebid.com
8    44.215.82.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-82-85.compute-1.amazonaws.com
sync.bfmio.com
9    80.77.87.161 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
57    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
19    23.105.12.170 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssbsync-global.smartadserver.com
28    2606:ae80:1451:11::2010 (United States)

ASN25751 (VALUECLICK, US)
amazon-tam-match.dotomi.com
pulsepoint-match.dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
33across-match.dotomi.com
triplelift-match.dotomi.com
openx2-match.dotomi.com
3    2600:9000:2511:6a00:1f:2473:9080:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.undertone.com
30    184.29.128.213 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-213.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.173.120.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-120-247.compute-1.amazonaws.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
72    96.17.65.140 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-65-140.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
18    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
49    3.225.218.10 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-225-218-10.compute-1.amazonaws.com
ups.analytics.yahoo.com
pixel.advertising.com
cms.analytics.yahoo.com
23    18.208.74.11 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-74-11.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
cs.yellowblue.io
56    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
7    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
19    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
prebid-eu.creativecdn.com
4    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
11    213.19.162.90 (United Kingdom)

ASN3356 (LEVEL3, US)
pixel-eu.rubiconproject.com
24    3.221.79.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-79-249.compute-1.amazonaws.com
cs.minutemedia-prebid.com
85    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
id5-sync.com
67    3.214.33.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-33-241.compute-1.amazonaws.com
usersync.gumgum.com
72    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
us-east-sync.bidswitch.net
1    131.153.172.93 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
23    64.202.112.191 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
18    52.72.213.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-213-198.compute-1.amazonaws.com
sync.srv.stackadapt.com
50    2600:1f18:4e9:5a07:a115:6438:daed:9613 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
9    54.146.97.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-97-31.compute-1.amazonaws.com
sync.ipredictive.com
42    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
prebid.deepintent.com
14    64.74.236.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
16    104.126.112.185 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-126-112-185.deploy.static.akamaitechnologies.com
stags.bluekai.com
tags.bluekai.com
9    75.101.237.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-237-145.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
10    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
adx.adform.net
10    52.71.250.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-250-162.compute-1.amazonaws.com
ads.yieldmo.com
9    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
rtb-use.mfadsrvr.com
12    96.46.183.20 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
3    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
35    195.244.31.11 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
visitor.omnitagjs.com
visitor-usa02.omnitagjs.com
hb-api.omnitagjs.com
tracking-usa02.omnitagjs.com
fo-ssp-usa02.omnitagjs.com
25    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
11    52.73.129.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-129-194.compute-1.amazonaws.com
match.sharethrough.com
5    3.227.72.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-72-71.compute-1.amazonaws.com
ssp.disqus.com
32    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
3    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
14    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
19    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
25    23.1.200.83 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-1-200-83.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    162.248.18.10 (United States)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
39    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.spotim.market
sync.adtelligent.com
1    34.107.140.17 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.140.107.34.bc.googleusercontent.com
di.rlcdn.com
18    54.203.119.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-119-5.us-west-2.compute.amazonaws.com
collector.sheknows.com
1    108.139.29.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-50.jfk50.r.cloudfront.net
data-beacons.s-onetag.com
9    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
17    54.211.152.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-152-139.compute-1.amazonaws.com
rtb.adentifi.com
22    173.231.178.117 (United States)

ASN32475 (SINGLEHOP-LLC, US)
PTR: lga-delivery-9.sys.adgear.com
cm.adgrx.com
23    52.3.219.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-219-49.compute-1.amazonaws.com
match.prod.bidr.io
17    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
9    96.17.64.29 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a96-17-64-29.deploy.static.akamaitechnologies.com
contextual.media.net
121    63.251.28.234 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
25    18.164.96.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-81.jfk50.r.cloudfront.net
usr.undertone.com
3    72.247.66.215 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a72-247-66-215.deploy.static.akamaitechnologies.com
cw.addthis.com
27    52.1.195.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-195-92.compute-1.amazonaws.com
dpm.demdex.net
4    52.5.87.197 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-87-197.compute-1.amazonaws.com
beacon.krxd.net
16    2600:9000:2511:7400:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
16    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.spotim.market
p.medocdn.com
p.nodserving.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
23    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    104.18.111.252 (None, )

ASN13335 (CLOUDFLARENET, US)
cs.seedtag.com
18    184.29.128.199 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-199.deploy.static.akamaitechnologies.com
acdn.adnxs.com
cdn.adnxs.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.eu.criteo.com
12    3.214.218.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-218-211.compute-1.amazonaws.com
ice.360yield.com
ad.360yield.com
2    34.199.23.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-23-6.compute-1.amazonaws.com
usermatch.krxd.net
3    52.95.122.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
7    2606:4700::6813:9e13 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
14    2600:9000:21dd:bc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
14    2600:141b:f000:b9d::2c79 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
10    3.209.40.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-40-124.compute-1.amazonaws.com
track1.aniview.com
3    2600:1400:9000::687e:7748 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
11    168.119.146.39 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.39.146.119.168.clients.your-server.de
sync.richaudience.com
4    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
de.tynt.com
hde.tynt.com
4    216.22.16.8 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.smartadserver.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
1    47.252.78.131 (United States)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
3    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
3    52.205.242.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-242-31.compute-1.amazonaws.com
ads.creative-serving.com
4    34.195.149.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-149-193.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    23.23.164.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-164-24.compute-1.amazonaws.com
sonata-notifications.taptapnetworks.com
2    34.96.71.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
3    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
3    204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)
inv-nets.admixer.net
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    2600:1400:9000::687e:7752 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
1    2a06:8640:987::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.spotim.market
6    185.167.164.49 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
5    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
30    2600:1f13:800:7781:1bdf:bb4:db51:110d (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
7    2620:100:a001::1d (United States)

ASN19750 (AS-CRITEO, US)
ssp-sync.criteo.com
1    2606:4700:3037::ac43:9a47 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
6    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    8.28.7.105 (United States)

ASN62713 (AS-PUBMATIC, US)
ow.pubmatic.com
6    216.22.16.9 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
rtb-csync.smartadserver.com
17    34.117.239.71 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 71.239.117.34.bc.googleusercontent.com
events-ssc.33across.com
cms-xch-chicago.33across.com
11    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
14    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
p.safeservingcdn.com
8    52.201.153.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-153-89.compute-1.amazonaws.com
thrtle.com
4    54.92.247.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-247-49.compute-1.amazonaws.com
crb.kargo.com
2    2606:4700:20::681a:832 (United States)

ASN13335 (CLOUDFLARENET, US)
a.clickcertain.com
2    52.10.88.47 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-88-47.us-west-2.compute.amazonaws.com
a.usbrowserspeed.com
15    2a06:8640:799:0:ec4:7aff:fe6e:a48e (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.spotim.market
3    23.21.152.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-21-152-207.compute-1.amazonaws.com
go1.aniview.com
3    52.2.71.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-71-224.compute-1.amazonaws.com
ads.avct.cloud
18    54.156.152.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-152-169.compute-1.amazonaws.com
pm.w55c.net
5    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
openx-ums.acuityplatform.com
8    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    172.105.221.240 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-240.members.linode.com
gocm.c.appier.net
3    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
cm.ctnsnet.com
1    20.85.134.6 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
3    104.91.114.229 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-114-229.deploy.static.akamaitechnologies.com
px.owneriq.net
1    34.246.44.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-44-25.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
22    3.210.210.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-210-147.compute-1.amazonaws.com
sync.aniview.com
3    44.212.237.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-212-237-84.compute-1.amazonaws.com
s2s.aniview.com
1    15.235.42.103 (Victoria, Canada)

ASN16276 (OVH, FR)
PTR: haproxy-ca-002.roqad.pl
wt.rqtrk.eu
11    2600:1f18:61c0:2205:2eec:2094:b091:c76b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
d.adroll.com
2    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
2    13.226.34.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-34-120.ewr53.r.cloudfront.net
api.intentiq.com
5    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipglob.semasio.net
3    18.224.133.115 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-224-133-115.us-east-2.compute.amazonaws.com
x.videobyte.com
3    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
3    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
15    174.137.133.32 (United States)

ASN27257 (WEBAIR-INTERNET, US)
sync.adkernel.com
3    52.73.44.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-44-187.compute-1.amazonaws.com
nep.advangelists.com
6    199.127.204.163 (United States)

ASN26120 (RHYTHMONE, US)
targeting.unrulymedia.com
3    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
prebid.deepintent.com
4    2606:ae80:1451:14::1140 (United States)

ASN25751 (VALUECLICK, US)
web.hb.ad.cpe.dotomi.com
proc.ad.cpe.dotomi.com
4    34.237.83.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-83-209.compute-1.amazonaws.com
btlr.sharethrough.com
2    69.166.1.32 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
3    23.105.14.96 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
PTR: 23.105.14.96.rdns.racklot.com
prg.smartadserver.com
13    2a06:8640:764::2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
4    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    3.209.206.63 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-206-63.compute-1.amazonaws.com
bpi.rtactivate.com
6    34.228.108.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-108-181.compute-1.amazonaws.com
i.liadm.com
1    2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
i6.liadm.com
1    3.212.173.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-173-20.compute-1.amazonaws.com
sync.crwdcntrl.net
2    54.209.98.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-98-22.compute-1.amazonaws.com
io.narrative.io
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
1    2600:9000:24f1:200:17:b93b:fa40:21 (United States)

ASN16509 (AMAZON-02, US)
de9a11s35xj3d.cloudfront.net
1    35.211.200.231 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 231.200.211.35.bc.googleusercontent.com
ghent-gce-sc.bidswitch.net
1    2600:9000:21da:ae00:6:1e88:a100:21 (United States)

ASN16509 (AMAZON-02, US)
d31otfhas71ais.cloudfront.net
2    34.232.140.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-140-51.compute-1.amazonaws.com
tag.crsspxl.com
16    2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2600:1f18:612b:4232:a50d:a252:f0a2:d6f2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
p4dt2-980w2.ads.tremorhub.com
22    35.245.208.4 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.208.245.35.bc.googleusercontent.com
ssp.api.tappx.com
1    130.211.9.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.9.211.130.bc.googleusercontent.com
sync.graph.bluecava.com
1    35.201.111.96 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 96.111.201.35.bc.googleusercontent.com
hash.qualia.id
2    2606:4700:10::6816:36e8 (United States)

ASN13335 (CLOUDFLARENET, US)
c.aaxads.com
6    2606:4700:20::681a:68b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    172.64.152.89 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
3    35.208.249.213 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
5    35.186.154.107 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.154.186.35.bc.googleusercontent.com
cm-supply-web.gammaplatform.com
cm.gammaplatform.com
2    75.2.13.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
connect-metrics-collector.s-onetag.com
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1875-29.members.linode.com
s.c.appier.net
4    3.221.48.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-48-93.compute-1.amazonaws.com
um4.eqads.com
1    99.83.181.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0cb5afe0ce76779e.awsglobalaccelerator.com
signal-metrics-collector-beta.s-onetag.com
18    2600:1400:9000::687e:7751 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.stickyadstv.com
1    2606:4700:4400::ac40:97ee (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    3.94.248.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-248-42.compute-1.amazonaws.com
aorta.clickagy.com
39    2606:4700:10::6816:2560 (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
17    2600:1f16:e61:3f01:46b:43f6:5ec6:edd4 (Columbus, United States)

ASN16509 (AMAZON-02, US)
1f2e7.v.fwmrm.net
21    2620:116:800b:21:c1e8:5385:5098:6bf0 (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    52.3.79.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-79-25.compute-1.amazonaws.com
i.w55c.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
spot-im-d.openx.net
2    108.138.106.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-17.jfk50.r.cloudfront.net
live.rezync.com
1    13.225.214.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-84.ewr50.r.cloudfront.net
aa.agkn.com
2    2600:1901:0:8344:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
lexicon.33across.com
1    35.172.60.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-60-244.compute-1.amazonaws.com
track2.securedvisit.com
4    2600:9000:210b:9c00:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
6    23.200.0.30 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-30.deploy.static.akamaitechnologies.com
fo-static-usa02.omnitagjs.com
1    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
us.creativecdn.com
1    2600:1f18:765:4800:7681:18d0:4c60:ba77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pxl.iqm.com
1    8.2.110.206 (United States)

ASN46636 (NATCOWEB, US)
cs.mobfox.com
5    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
4    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
6    142.250.176.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net
ad.doubleclick.net
9    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
5    172.98.26.246 (Ashburn, United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
2    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
3    130.211.16.136 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 136.16.211.130.bc.googleusercontent.com
cdn.deepintent.com
1    23.205.56.163 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-56-163.deploy.static.akamaitechnologies.com
sync.teads.tv
6    104.91.111.199 (Boston, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-91-111-199.deploy.static.akamaitechnologies.com
ssl.connextra.com
1    3.80.12.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-80-12-105.compute-1.amazonaws.com
event.hgrtb.com
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
2    143.244.208.184 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sid.storygize.net
2    3.105.86.85 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-86-85.ap-southeast-2.compute.amazonaws.com
sasinator.realestate.com.au
1    3.220.28.161 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-28-161.compute-1.amazonaws.com
usersync.getpublica.com
3    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
4    23.206.216.29 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-216-29.deploy.static.akamaitechnologies.com
hbx.media.net
1    2607:f8b0:4006:807::2002 (United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    38.98.69.175 (New York, United States)

ASN174 (COGENT-174, US)
oxp.mxptint.net
3    2606:4700:e2::ac40:8a23 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
7    34.197.192.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-192-192.compute-1.amazonaws.com
ps.eyeota.net
66    104.127.91.228 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-91-228.deploy.static.akamaitechnologies.com
gsm-adverts.betstream.betgenius.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
crcdn01.adnxs-simple.com
1    35.244.216.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.216.244.35.bc.googleusercontent.com
openx.adhaven.com
3    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
18    209.192.201.180 (United States)

ASN7979 (SERVERS-COM, US)
user-sync.adxpremium.services
2    35.210.53.219 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com
pool.admedo.com
2    44.199.144.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-199-144-94.compute-1.amazonaws.com
vop.sundaysky.com
4    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
3    156.146.36.23 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
PTR: 137173278.nyc.cdn77.com
vpaid.vidoomy.com
8    212.36.83.245 (None, )

ASN- ()
a.vidoomy.com
1    212.36.83.246 (None, )

ASN- ()
p.vidoomy.com
Apex Domain
Subdomains		 Transfer
256 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 597
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 811
fastlane.rubiconproject.com — Cisco Umbrella Rank: 510
eus.rubiconproject.com — Cisco Umbrella Rank: 593
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2179
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
572 KB
153 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 450
ib.adnxs.com — Cisco Umbrella Rank: 239
acdn.adnxs.com — Cisco Umbrella Rank: 578
nym1-ib.adnxs.com — Cisco Umbrella Rank: 1284
cdn.adnxs.com — Cisco Umbrella Rank: 1635
447 KB
139 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 537
cdn.stickyadstv.com — Cisco Umbrella Rank: 4639
1 MB
127 casalemedia.com
as-sec.casalemedia.com Failed
htlb.casalemedia.com — Cisco Umbrella Rank: 567
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 475
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590
dsum.casalemedia.com — Cisco Umbrella Rank: 1377
r.casalemedia.com — Cisco Umbrella Rank: 1668
ssum.casalemedia.com — Cisco Umbrella Rank: 1340
121 KB
127 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 895
ads.pubmatic.com — Cisco Umbrella Rank: 513
image8.pubmatic.com — Cisco Umbrella Rank: 653
image6.pubmatic.com — Cisco Umbrella Rank: 752
aud.pubmatic.com — Cisco Umbrella Rank: 16994
image4.pubmatic.com — Cisco Umbrella Rank: 1151
simage2.pubmatic.com — Cisco Umbrella Rank: 794
simage4.pubmatic.com — Cisco Umbrella Rank: 1267
ow.pubmatic.com — Cisco Umbrella Rank: 1760
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 512
218 KB
124 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
ad.doubleclick.net — Cisco Umbrella Rank: 173
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
726 KB
106 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1973
ups.analytics.yahoo.com — Cisco Umbrella Rank: 326
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1363
42 KB
98 amazon-adsystem.com
z-na.amazon-adsystem.com — Cisco Umbrella Rank: 8477
aax-us-east.amazon-adsystem.com — Cisco Umbrella Rank: 915
c.amazon-adsystem.com — Cisco Umbrella Rank: 327
fls-na.amazon-adsystem.com — Cisco Umbrella Rank: 7882
aax.amazon-adsystem.com — Cisco Umbrella Rank: 404
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
360 KB
95 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1524
rtb.gumgum.com — Cisco Umbrella Rank: 1500
usersync.gumgum.com — Cisco Umbrella Rank: 1853
36 KB
90 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 755
id5-sync.com — Cisco Umbrella Rank: 400
261 KB
85 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 736
48 KB
73 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 342
ghent-gce-sc.bidswitch.net — Cisco Umbrella Rank: 1939
us-east-sync.bidswitch.net — Cisco Umbrella Rank: 1790
31 KB
69 spot.im
launcher.spot.im — Cisco Umbrella Rank: 5244
direct-events-collector.spot.im — Cisco Umbrella Rank: 4607
static-cdn.spot.im — Cisco Umbrella Rank: 4576
publisher-assets.spot.im — Cisco Umbrella Rank: 4823
api-2-0.spot.im — Cisco Umbrella Rank: 2947
pix.spot.im — Cisco Umbrella Rank: 4832
760 KB
67 shefinds.com
www.shefinds.com — Cisco Umbrella Rank: 121030
7 MB
66 betgenius.com
gsm-adverts.betstream.betgenius.com — Cisco Umbrella Rank: 51190
3 MB
66 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
mug.criteo.com — Cisco Umbrella Rank: 2631
bidder.criteo.com — Cisco Umbrella Rank: 767
dis.eu.criteo.com — Cisco Umbrella Rank: 6713
dis.criteo.com — Cisco Umbrella Rank: 596
ssp-sync.criteo.com — Cisco Umbrella Rank: 1261
cat.va.us.criteo.com — Cisco Umbrella Rank: 2700
74 KB
65 openx.net
u.openx.net — Cisco Umbrella Rank: 670
us-u.openx.net — Cisco Umbrella Rank: 478
rtb.openx.net — Cisco Umbrella Rank: 751
eu-u.openx.net — Cisco Umbrella Rank: 2529
spot-im-d.openx.net — Cisco Umbrella Rank: 13115
8 KB
65 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 857
ap.lijit.com — Cisco Umbrella Rank: 659
64 KB
63 blogherads.com
ads.blogherads.com — Cisco Umbrella Rank: 14927
2 MB
61 adsafeprotected.com
cdn.adsafeprotected.com — Cisco Umbrella Rank: 3516
pixel.adsafeprotected.com — Cisco Umbrella Rank: 739
static.adsafeprotected.com — Cisco Umbrella Rank: 607
dt.adsafeprotected.com — Cisco Umbrella Rank: 579
733 KB
59 spotim.market
sync.spotim.market — Cisco Umbrella Rank: 2566
player.spotim.market — Cisco Umbrella Rank: 8432
s.spotim.market — Cisco Umbrella Rank: 5110
ghb.spotim.market — Cisco Umbrella Rank: 8992
657 KB
58 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 583
eb2.3lift.com — Cisco Umbrella Rank: 388
29 KB
55 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 929
apex.go.sonobi.com — Cisco Umbrella Rank: 2042
43 KB
54 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 561
33 KB
52 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1746
track1.aniview.com — Cisco Umbrella Rank: 1826
go1.aniview.com — Cisco Umbrella Rank: 6219
sync.aniview.com — Cisco Umbrella Rank: 1743
s2s.aniview.com — Cisco Umbrella Rank: 3444
779 KB
50 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
direct.adsrvr.org — Cisco Umbrella Rank: 3526
26 KB
48 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1052
prebid.deepintent.com — Cisco Umbrella Rank: 8816
cdn.deepintent.com — Cisco Umbrella Rank: 7901
20 KB
46 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 1064
events-ssc.33across.com — Cisco Umbrella Rank: 2095
cdn-ima.33across.com — Cisco Umbrella Rank: 1074
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 5061
lexicon.33across.com — Cisco Umbrella Rank: 1510
31 KB
41 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 944
visitor-usa02.omnitagjs.com — Cisco Umbrella Rank: 25444
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4109
fo-static-usa02.omnitagjs.com — Cisco Umbrella Rank: 67670
tracking-usa02.omnitagjs.com — Cisco Umbrella Rank: 50002
fo-ssp-usa02.omnitagjs.com — Cisco Umbrella Rank: 66979
399 KB
39 quantumdex.io
sync.quantumdex.io — Cisco Umbrella Rank: 2704
7 KB
35 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6101
ssbsync.smartadserver.com — Cisco Umbrella Rank: 777
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1578
csync.smartadserver.com — Cisco Umbrella Rank: 3414
sync.smartadserver.com — Cisco Umbrella Rank: 1345
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 682
prg.smartadserver.com — Cisco Umbrella Rank: 1594
31 KB
33 adtelligent.com
player.adtelligent.com — Cisco Umbrella Rank: 7584
ghb.adtelligent.com — Cisco Umbrella Rank: 6261
sync.adtelligent.com — Cisco Umbrella Rank: 3092
325 KB
33 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1556
115 KB
32 dotomi.com
amazon-tam-match.dotomi.com — Cisco Umbrella Rank: 4956
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 7135
prebid-match.dotomi.com — Cisco Umbrella Rank: 2148
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3398
casale-match.dotomi.com — Cisco Umbrella Rank: 2949
33across-match.dotomi.com — Cisco Umbrella Rank: 3384
web.hb.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3350
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2835
triplelift-match.dotomi.com — Cisco Umbrella Rank: 3748
openx2-match.dotomi.com — Cisco Umbrella Rank: 4758
11 KB
32 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1239
targeting.unrulymedia.com — Cisco Umbrella Rank: 787
15 KB
31 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 880
assets.a-mo.net — Cisco Umbrella Rank: 1725
13 KB
30 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 3720
cdn.undertone.com — Cisco Umbrella Rank: 3447
usr.undertone.com — Cisco Umbrella Rank: 2319
20 KB
29 googlesyndication.com
dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 Failed
5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com
20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com
138 KB
28 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 1043
idsync.rlcdn.com — Cisco Umbrella Rank: 395
ats.rlcdn.com — Cisco Umbrella Rank: 3550
di.rlcdn.com — Cisco Umbrella Rank: 2121
id.rlcdn.com — Cisco Umbrella Rank: 740
75 KB
27 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 11864
user-sync.adxpremium.services — Cisco Umbrella Rank: 13128
33 KB
27 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 223
25 KB
27 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 2033
sheknows-tagan.adlightning.com — Cisco Umbrella Rank: 72353
582 KB
27 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1344
333 KB
26 seedtag.com
s.seedtag.com — Cisco Umbrella Rank: 4532
cs.seedtag.com — Cisco Umbrella Rank: 11592
17 KB
26 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1240
pixel.quantserve.com — Cisco Umbrella Rank: 928
cms.quantserve.com — Cisco Umbrella Rank: 756
17 KB
25 minutemedia-prebid.com
cs-tam.minutemedia-prebid.com — Cisco Umbrella Rank: 8256
cs.minutemedia-prebid.com — Cisco Umbrella Rank: 3806
13 KB
23 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 564
10 KB
23 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 778
7 KB
23 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2190
cs.yellowblue.io — Cisco Umbrella Rank: 2392
13 KB
22 tappx.com
ssp.api.tappx.com — Cisco Umbrella Rank: 4031
13 KB
22 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1395
9 KB
21 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 701
ice.360yield.com — Cisco Umbrella Rank: 2062
6 KB
20 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2030
gw.geoedge.be — Cisco Umbrella Rank: 2457
2 MB
20 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 570
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 7461
us.creativecdn.com — Cisco Umbrella Rank: 2873
5 KB
19 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 854
i.w55c.net — Cisco Umbrella Rank: 2115
14 KB
19 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 706
14 KB
19 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
1 MB
18 sheknows.com
collector.sheknows.com — Cisco Umbrella Rank: 17498
2 KB
18 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 716
5 KB
18 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 551
15 KB
17 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 2682
9 KB
17 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1098
9 KB
17 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1187
580 B
17 ad.gt
a.ad.gt — Cisco Umbrella Rank: 2369
p.ad.gt — Cisco Umbrella Rank: 2749
ids.ad.gt — Cisco Umbrella Rank: 1563
id.hadron.ad.gt — Cisco Umbrella Rank: 1772
pixels.ad.gt — Cisco Umbrella Rank: 2553
17 KB
16 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2188
vpaid.vidoomy.com — Cisco Umbrella Rank: 3064
a.vidoomy.com
p.vidoomy.com
76 KB
16 adform.net
cm.adform.net — Cisco Umbrella Rank: 1198
c1.adform.net — Cisco Umbrella Rank: 591
track.adform.net — Cisco Umbrella Rank: 4131
adx.adform.net — Cisco Umbrella Rank: 4440
7 KB
16 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 584
tags.bluekai.com — Cisco Umbrella Rank: 631
6 KB
16 sharethrough.com
native.sharethrough.com — Cisco Umbrella Rank: 2721
match.sharethrough.com — Cisco Umbrella Rank: 558
btlr.sharethrough.com — Cisco Umbrella Rank: 1105
117 KB
15 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1651
7 KB
14 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 546
9 KB
14 media.net
cs.media.net — Cisco Umbrella Rank: 1454
contextual.media.net — Cisco Umbrella Rank: 666
hbx.media.net — Cisco Umbrella Rank: 1253
7 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 603
336 KB
14 reddit.com
embed.reddit.com — Cisco Umbrella Rank: 50350
w3-reporting.reddit.com — Cisco Umbrella Rank: 5191
122 KB
13 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 809
bcp.crwdcntrl.net — Cisco Umbrella Rank: 776
sync.crwdcntrl.net — Cisco Umbrella Rank: 795
id.crwdcntrl.net — Cisco Umbrella Rank: 2424
62 KB
13 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 473
pandg.tapad.com — Cisco Umbrella Rank: 2374
3 KB
12 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1532
8 KB
12 yieldmo.com
sync-amz.ads.yieldmo.com — Cisco Umbrella Rank: 5276
ads.yieldmo.com — Cisco Umbrella Rank: 677
sync-pm.ads.yieldmo.com — Cisco Umbrella Rank: 7993
7 KB
12 turn.com
ad.turn.com — Cisco Umbrella Rank: 834
d.turn.com — Cisco Umbrella Rank: 1356
4 KB
12 kargo.com
socialcanvas-api.kargo.com — Cisco Umbrella Rank: 9007
socialcanvas-cdn.kargo.com — Cisco Umbrella Rank: 9141
krk.kargo.com — Cisco Umbrella Rank: 5068
crb.kargo.com — Cisco Umbrella Rank: 1575
92 KB
12 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
424 B
12 permutive.com
cdn.permutive.com — Cisco Umbrella Rank: 2877
api.permutive.com — Cisco Umbrella Rank: 2160
485 KB
11 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1014
15 KB
11 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1311
2 KB
11 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 812
9 KB
11 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1819
4 KB
10 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 4285
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5531
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5703
data-beacons.s-onetag.com — Cisco Umbrella Rank: 13670
connect-metrics-collector.s-onetag.com — Cisco Umbrella Rank: 4388
signal-metrics-collector-beta.s-onetag.com — Cisco Umbrella Rank: 4444
25 KB
9 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1061
rtb-use.mfadsrvr.com — Cisco Umbrella Rank: 6909
2 KB
9 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 925
4 KB
9 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 937
6 KB
9 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1190
225 KB
9 bidstreamserver.com
ads.bidstreamserver.com — Cisco Umbrella Rank: 34356
9 rev-stripe.com
tr.rev-stripe.com — Cisco Umbrella Rank: 110844
1 KB
9 rs-stripe.com
stripe.rs-stripe.com — Cisco Umbrella Rank: 76220
1 KB
8 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 805
s.tribalfusion.com — Cisco Umbrella Rank: 1949
5 KB
8 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1266
3 KB
8 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1567
5 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 613
s-jsonp.moatads.com — Cisco Umbrella Rank: 14463
px.moatads.com — Cisco Umbrella Rank: 580
57 KB
8 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2283
i.liadm.com — Cisco Umbrella Rank: 623
i6.liadm.com — Cisco Umbrella Rank: 2522
4 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
23 KB
8 powerinboxedge.com
images-prod.powerinboxedge.com — Cisco Umbrella Rank: 22822
371 KB
7 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1056
4 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 692
2 KB
7 shemedia.com
ads.shemedia.com — Cisco Umbrella Rank: 16711
4 KB
7 cloudfront.net
d3ezl4ajpp2zy8.cloudfront.net Failed
d1z2jf7jlzjs58.cloudfront.net
d15kdpgjg3unno.cloudfront.net
dyv1bugovvq1g.cloudfront.net
d3r7h55ola878c.cloudfront.net
de9a11s35xj3d.cloudfront.net
d31otfhas71ais.cloudfront.net
1 MB
7 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 368
fonts.googleapis.com — Cisco Umbrella Rank: 41
imasdk.googleapis.com — Cisco Umbrella Rank: 488
416 KB
6 connextra.com
ssl.connextra.com — Cisco Umbrella Rank: 10301
8 KB
6 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 998
trc.taboola.com — Cisco Umbrella Rank: 614
1 KB
6 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 654
usermatch.krxd.net — Cisco Umbrella Rank: 1604
2 KB
6 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 791
3 KB
6 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1866
58 KB
6 remixd.com
tags.remixd.com — Cisco Umbrella Rank: 15853
pubcast-files.remixd.com — Cisco Umbrella Rank: 16438
player-files.remixd.com — Cisco Umbrella Rank: 16005
50 KB
6 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1210
4 KB
6 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2946
srv-2023-09-04-02.pixel.parsely.com
56 KB
6 boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5326
people.api.boomtrain.com — Cisco Umbrella Rank: 5681
46 KB
5 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6398
3 KB
5 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 2898
cm.gammaplatform.com — Cisco Umbrella Rank: 8619
2 KB
5 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1180
3 KB
5 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1278
openx-ums.acuityplatform.com — Cisco Umbrella Rank: 5722
3 KB
5 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1334
952 B
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 753
3 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
1 KB
5 google.com
analytics.google.com — Cisco Umbrella Rank: 164
www.google.com — Cisco Umbrella Rank: 2
2 KB
5 viglink.com
cdn.viglink.com — Cisco Umbrella Rank: 9879
api.viglink.com — Cisco Umbrella Rank: 14633
31 KB
5 keywee.co
cdn.keywee.co — Cisco Umbrella Rank: 14788
pixel.keywee.co — Cisco Umbrella Rank: 13044
34 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 169
211 KB
5 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5810
143 KB
4 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1048
2 KB
4 eqads.com
um4.eqads.com — Cisco Umbrella Rank: 2712
751 B
4 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1493
2 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1558
hde.tynt.com — Cisco Umbrella Rank: 3819
10 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1555
1 KB
4 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 1998
256 B
4 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 936
2 KB
4 justpremium.com
pre.ads.justpremium.com — Cisco Umbrella Rank: 7877
match.justpremium.com — Cisco Umbrella Rank: 3825
6 KB
4 narrativ.com
events.release.narrativ.com — Cisco Umbrella Rank: 8731
2 KB
4 gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
91 KB
4 marfeelcache.com
bc.marfeelcache.com — Cisco Umbrella Rank: 223605
10 KB
3 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 8429
1 KB
3 adxbid.info
adxbid.info — Cisco Umbrella Rank: 13394
9 KB
3 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 3371
435 B
3 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1079
591 B
3 tremorhub.com
p4dt2-980w2.ads.tremorhub.com — Cisco Umbrella Rank: 21516
2 KB
3 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 2811
550 B
3 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 2938
839 B
3 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 3880
503 B
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1590
2 KB
3 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5694
cm.ctnsnet.com — Cisco Umbrella Rank: 4888
1 KB
3 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 4270
2 KB
3 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2551
2 KB
3 smilewanted.com
csync.smilewanted.com — Cisco Umbrella Rank: 2812
1 KB
3 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 4404
2 KB
3 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1476
2 KB
3 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1263
679 B
3 addthis.com
cw.addthis.com — Cisco Umbrella Rank: 2686
1 KB
3 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 2773
464 B
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1382
5 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 165
3 KB
3 sellwild.com
widget.sellwild.com — Cisco Umbrella Rank: 42762
cache.sellwild.com — Cisco Umbrella Rank: 54450
448 KB
3 typenetwork.com
cloud.typenetwork.com — Cisco Umbrella Rank: 29058
fastly-cloud.typenetwork.com — Cisco Umbrella Rank: 42943
72 KB
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2559
1 KB
2 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 5311
749 B
2 realestate.com.au
sasinator.realestate.com.au — Cisco Umbrella Rank: 4462
1 KB
2 storygize.net
sid.storygize.net — Cisco Umbrella Rank: 2000
548 B
2 safeservingcdn.com
p.safeservingcdn.com — Cisco Umbrella Rank: 26262
38 KB
2 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1769
2 KB
2 aaxads.com
c.aaxads.com — Cisco Umbrella Rank: 4250
267 B
2 crsspxl.com
tag.crsspxl.com — Cisco Umbrella Rank: 5478
786 B
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 4036
643 B
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1443
217 B
2 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1367
704 B
2 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1603
565 B
2 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2344
s.c.appier.net — Cisco Umbrella Rank: 4293
812 B
2 nodserving.com
p.nodserving.com — Cisco Umbrella Rank: 29360
38 KB
2 medocdn.com
p.medocdn.com — Cisco Umbrella Rank: 29347
38 KB
2 usbrowserspeed.com
a.usbrowserspeed.com — Cisco Umbrella Rank: 6839
526 B
2 clickcertain.com
a.clickcertain.com — Cisco Umbrella Rank: 4245
1 KB
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 862
668 B
2 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1506
443 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1585
2 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2493
969 B
2 bing.com
c.bing.com — Cisco Umbrella Rank: 236
867 B
2 pghub.io
pghub.io — Cisco Umbrella Rank: 1976
feed.pghub.io — Cisco Umbrella Rank: 2270
6 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 729
693 B
2 boomtrain.net
onsite.boomtrain.net — Cisco Umbrella Rank: 230926
1 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 906
59 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1033
21 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
157 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
7 KB
1 adhaven.com
openx.adhaven.com — Cisco Umbrella Rank: 5991
245 B
1 adnxs-simple.com
crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 4044
63 KB
1 getpublica.com
usersync.getpublica.com — Cisco Umbrella Rank: 3718
251 B
1 hgrtb.com
event.hgrtb.com — Cisco Umbrella Rank: 4183
260 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1326
278 B
1 mobfox.com
cs.mobfox.com — Cisco Umbrella Rank: 3013
540 B
1 iqm.com
pxl.iqm.com — Cisco Umbrella Rank: 4509
527 B
1 securedvisit.com
track2.securedvisit.com — Cisco Umbrella Rank: 4338
178 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 527
655 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1965
652 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1693
557 B
1 qualia.id
hash.qualia.id — Cisco Umbrella Rank: 5743
407 B
1 bluecava.com
sync.graph.bluecava.com — Cisco Umbrella Rank: 2604
819 B
1 rqtrk.eu
wt.rqtrk.eu — Cisco Umbrella Rank: 1654
350 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2518
555 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4078
466 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2447
397 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 5941
279 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6515
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3663
347 B
1 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4828 Failed
oxp.mxptint.net — Cisco Umbrella Rank: 5098
552 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 1809
618 B
1 sascdn.com
ced-ns.sascdn.com — Cisco Umbrella Rank: 2869
3 KB
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6505
341 B
1 clientgear.com
event.clientgear.com — Cisco Umbrella Rank: 4358
285 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 3859
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1188
829 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3323
636 B
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2871
41 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1934
611 B
1 flipp.com
p.flipp.com — Cisco Umbrella Rank: 10759
1 admantx.com
async01.admantx.com — Cisco Umbrella Rank: 36223
1 KB
1 prmutv.co
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co — Cisco Umbrella Rank: 25701
394 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2658
257 B
1 amazonaws.com
sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5034
682 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1732
2 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5443
350 B
1 flippback.com
cdn-gateflipp.flippback.com — Cisco Umbrella Rank: 10911
34 KB
1 azurewebsites.net
lightboxapi.azurewebsites.net — Cisco Umbrella Rank: 25550
1 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1136
643 B
1 sovrn.com
comparisons.sovrn.com — Cisco Umbrella Rank: 16328
1 KB
1 rhombusads.com
cdn.rhombusads.com — Cisco Umbrella Rank: 29920
71 KB
1 rmtag.com
intljs.rmtag.com — Cisco Umbrella Rank: 12464
6 KB
1 bam-x.com
static.bam-x.com — Cisco Umbrella Rank: 74647
42 KB
1 revenuestripe.com
branding.revenuestripe.com — Cisco Umbrella Rank: 39783
1 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3408
163 KB
0 2mdn.net Failed
s0.2mdn.net Failed
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
0 bnmla.com Failed
match.bnmla.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 spotxchange.com Failed
sync.search.spotxchange.com Failed
0 colossusssp.com Failed
sync.colossusssp.com Failed
0 loopme.me Failed
csync.loopme.me Failed
2743 241
Domain Requested by
121 ads.stickyadstv.com 100 redirects ssum-sec.casalemedia.com
player.aniview.com
www.shefinds.com
cdn.stickyadstv.com
110 ib.adnxs.com 60 redirects www.shefinds.com
acdn.adnxs.com
player.spotim.market
ads.blogherads.com
eb2.3lift.com
cdn.deepintent.com
85 id5-sync.com 71 redirects www.shefinds.com
cs.seedtag.com
sync.go.sonobi.com
cdn.deepintent.com
player.adtelligent.com
85 onetag-sys.com 7 redirects s.amazon-adsystem.com
cs-tam.minutemedia-prebid.com
onetag-sys.com
cs-server-s2s.yellowblue.io
ads.blogherads.com
cs.seedtag.com
visitor.omnitagjs.com
sync.richaudience.com
s.spotim.market
ads.pubmatic.com
player.aniview.com
player.spotim.market
rumcdn.geoedge.be
sync.adkernel.com
sync.quantumdex.io
72 eus.rubiconproject.com s.amazon-adsystem.com
cs-tam.minutemedia-prebid.com
rtb.gumgum.com
eus.rubiconproject.com
cdn.undertone.com
cs-server-s2s.yellowblue.io
ads.blogherads.com
cs.seedtag.com
visitor.omnitagjs.com
hde.tynt.com
sync.richaudience.com
player.aniview.com
ssp.api.tappx.com
player.spotim.market
tagan.adlightning.com
rumcdn.geoedge.be
71 x.bidswitch.net 67 redirects onetag-sys.com
www.shefinds.com
67 usersync.gumgum.com 6 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
67 www.shefinds.com www.shefinds.com
66 gsm-adverts.betstream.betgenius.com ssl.connextra.com
gsm-adverts.betstream.betgenius.com
65 s.amazon-adsystem.com 1 redirects tagan.adlightning.com
s.amazon-adsystem.com
ce.lijit.com
rtb.gumgum.com
bh.contextweb.com
cs-tam.minutemedia-prebid.com
sync.bfmio.com
u.openx.net
sync-amz.ads.yieldmo.com
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
cdn.undertone.com
onetag-sys.com
ads.pubmatic.com
eus.rubiconproject.com
sync.go.sonobi.com
rumcdn.geoedge.be
c.amazon-adsystem.com
eb2.3lift.com
64 prebid-server.rubiconproject.com www.shefinds.com
onetag-sys.com
rtb.gumgum.com
ads.blogherads.com
ssum-sec.casalemedia.com
u.openx.net
ssp.api.tappx.com
ads.pubmatic.com
eb2.3lift.com
de.tynt.com
cdn.undertone.com
63 ads.blogherads.com www.shefinds.com
ads.blogherads.com
tagan.adlightning.com
62 cm.g.doubleclick.net 45 redirects rtb.gumgum.com
u.openx.net
sync-amz.ads.yieldmo.com
onetag-sys.com
eus.rubiconproject.com
eb2.3lift.com
56 eb2.3lift.com 15 redirects s.amazon-adsystem.com
ads.blogherads.com
eb2.3lift.com
sync.quantumdex.io
tagan.adlightning.com
u.openx.net
54 sync.1rx.io 52 redirects www.shefinds.com
ssp.api.tappx.com
53 sync.go.sonobi.com 7 redirects www.shefinds.com
player.aniview.com
sync.go.sonobi.com
eb2.3lift.com
53 securepubads.g.doubleclick.net widget.sellwild.com
securepubads.g.doubleclick.net
tagan.adlightning.com
www.shefinds.com
rumcdn.geoedge.be
50 pr-bh.ybp.yahoo.com 14 redirects u.openx.net
ssum-sec.casalemedia.com
s.amazon-adsystem.com
ssum.casalemedia.com
50 ssum-sec.casalemedia.com 9 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
cdn.undertone.com
js-sec.indexww.com
ssum.casalemedia.com
tagan.adlightning.com
www.shefinds.com
player.spotim.market
sync.quantumdex.io
47 match.adsrvr.org 43 redirects js-sec.indexww.com
player.spotim.market
46 us-u.openx.net 12 redirects u.openx.net
s.amazon-adsystem.com
de.tynt.com
us-u.openx.net
cdn.deepintent.com
player.spotim.market
44 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
cdn.deepintent.com
43 ups.analytics.yahoo.com 38 redirects onetag-sys.com
u.openx.net
eb2.3lift.com
40 pixel.rubiconproject.com 16 redirects onetag-sys.com
eus.rubiconproject.com
39 sync.quantumdex.io sync.adkernel.com
sync.quantumdex.io
ssum-sec.casalemedia.com
cs-server-s2s.yellowblue.io
onetag-sys.com
ads.pubmatic.com
39 match.deepintent.com 31 redirects rtb.gumgum.com
cdn.deepintent.com
38 ap.lijit.com 20 redirects www.shefinds.com
signal-beacon.s-onetag.com
api.viglink.com
visitor.omnitagjs.com
player.spotim.market
ads.blogherads.com
tagan.adlightning.com
37 static-cdn.spot.im launcher.spot.im
static-cdn.spot.im
tagan.adlightning.com
www.shefinds.com
32 image8.pubmatic.com 25 redirects onetag-sys.com
ads.pubmatic.com
32 fastlane.rubiconproject.com www.shefinds.com
player.spotim.market
ads.blogherads.com
31 sync.spotim.market 2 redirects www.shefinds.com
s.spotim.market
ads.pubmatic.com
rumcdn.geoedge.be
prebid.a-mo.net
player.spotim.market
30 dt.adsafeprotected.com www.shefinds.com
30 ads.pubmatic.com s.amazon-adsystem.com
rtb.gumgum.com
tagan.adlightning.com
cs.seedtag.com
hde.tynt.com
s.spotim.market
player.aniview.com
rumcdn.geoedge.be
ssp.api.tappx.com
sync.quantumdex.io
player.spotim.market
adxbid.info
vid.vidoomy.com
27 dpm.demdex.net 4 redirects cdn.undertone.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync.go.sonobi.com
player.spotim.market
27 ce.lijit.com 18 redirects www.shefinds.com
s.amazon-adsystem.com
ce.lijit.com
us-u.openx.net
27 www.redditstatic.com embed.reddit.com
www.shefinds.com
www.redditstatic.com
26 sync.targeting.unrulymedia.com 19 redirects ssbsync.smartadserver.com
s.spotim.market
s.amazon-adsystem.com
www.shefinds.com
ssp.api.tappx.com
25 usr.undertone.com cdn.undertone.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
25 secure-assets.rubiconproject.com 25 redirects
25 ssc-cms.33across.com 25 redirects
25 s.seedtag.com www.shefinds.com
cs.seedtag.com
onetag-sys.com
hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
24 cms.quantserve.com 24 redirects
24 cs.minutemedia-prebid.com ce.lijit.com
cs-tam.minutemedia-prebid.com
onetag-sys.com
eus.rubiconproject.com
24 prebid.a-mo.net 3 redirects www.shefinds.com
ads.blogherads.com
player.spotim.market
rumcdn.geoedge.be
23 simage2.pubmatic.com 13 redirects ads.pubmatic.com
www.shefinds.com
cs.seedtag.com
23 match.prod.bidr.io 22 redirects www.shefinds.com
23 sync.outbrain.com 18 redirects rtb.gumgum.com
22 ssp.api.tappx.com tagan.adlightning.com
ssp.api.tappx.com
de.tynt.com
ads.pubmatic.com
eus.rubiconproject.com
sync.adkernel.com
22 sync.aniview.com onetag-sys.com
player.aniview.com
ssbsync.smartadserver.com
ssum.casalemedia.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
eus.rubiconproject.com
www.shefinds.com
22 cm.adgrx.com 3 redirects www.shefinds.com
ssum-sec.casalemedia.com
eb2.3lift.com
22 api-2-0.spot.im static-cdn.spot.im
visitor.omnitagjs.com
20 htlb.casalemedia.com www.shefinds.com
player.spotim.market
ads.blogherads.com
20 gum.criteo.com 10 redirects tagan.adlightning.com
static.criteo.net
20 js-sec.indexww.com ads.blogherads.com
tagan.adlightning.com
player.aniview.com
player.spotim.market
20 tagan.adlightning.com ads.blogherads.com
tagan.adlightning.com
19 pixel-sync.sitescout.com 19 redirects
19 www.googletagservices.com tagan.adlightning.com
rumcdn.geoedge.be
18 user-sync.adxpremium.services adxbid.info
ads.pubmatic.com
vid.vidoomy.com
18 cdn.stickyadstv.com player.aniview.com
cdn.stickyadstv.com
18 pm.w55c.net 18 redirects
18 collector.sheknows.com www.shefinds.com
18 sync.srv.stackadapt.com 16 redirects eb2.3lift.com
18 bh.contextweb.com 15 redirects s.amazon-adsystem.com
bh.contextweb.com
17 1f2e7.v.fwmrm.net 17 redirects
17 sync.mathtag.com 17 redirects
17 rtb.adentifi.com ssum-sec.casalemedia.com
s.amazon-adsystem.com
eb2.3lift.com
u.openx.net
17 rtb.gumgum.com 11 redirects s.amazon-adsystem.com
pre.ads.justpremium.com
ads.blogherads.com
tagan.adlightning.com
16 events-ssc.33across.com hde.tynt.com
eus.rubiconproject.com
ads.pubmatic.com
de.tynt.com
us-u.openx.net
16 rumcdn.geoedge.be static-cdn.spot.im
rumcdn.geoedge.be
player.spotim.market
www.shefinds.com
16 prebid-match.dotomi.com 16 redirects
16 creativecdn.com 16 redirects
16 cs-server-s2s.yellowblue.io s.amazon-adsystem.com
sync-amz.ads.yieldmo.com
cs-server-s2s.yellowblue.io
player.aniview.com
sync.quantumdex.io
16 pagead2.googlesyndication.com tagan.adlightning.com
securepubads.g.doubleclick.net
www.shefinds.com
tpc.googlesyndication.com
imasdk.googleapis.com
16 mug.criteo.com www.shefinds.com
16 pixel.adsafeprotected.com www.shefinds.com
tagan.adlightning.com
16 idsync.rlcdn.com 9 redirects cdn.undertone.com
cs.seedtag.com
sync.go.sonobi.com
www.shefinds.com
16 c.amazon-adsystem.com ads.blogherads.com
www.shefinds.com
player.spotim.market
player.aniview.com
c.amazon-adsystem.com
15 sync.adkernel.com 2 redirects sync.go.sonobi.com
ssp.api.tappx.com
sync.adkernel.com
onetag-sys.com
www.shefinds.com
player.spotim.market
sync.quantumdex.io
15 ghb.spotim.market player.spotim.market
15 acdn.adnxs.com ads.blogherads.com
player.aniview.com
player.spotim.market
tagan.adlightning.com
rumcdn.geoedge.be
15 ad.360yield.com 15 redirects
14 player.aniview.com tagan.adlightning.com
player.aniview.com
14 static.adsafeprotected.com tagan.adlightning.com
14 image6.pubmatic.com 10 redirects ads.pubmatic.com
14 b1sync.zemanta.com 14 redirects
14 bidder.criteo.com www.shefinds.com
static.criteo.net
player.spotim.market
player.adtelligent.com
14 static.criteo.net tagan.adlightning.com
ads.blogherads.com
www.shefinds.com
player.spotim.market
player.adtelligent.com
static.criteo.net
13 ghb.adtelligent.com player.spotim.market
p.nodserving.com
p.medocdn.com
p.safeservingcdn.com
13 cdn.indexww.com ssum-sec.casalemedia.com
13 visitor.omnitagjs.com 1 redirects cs.seedtag.com
visitor.omnitagjs.com
ssbsync.smartadserver.com
onetag-sys.com
s.spotim.market
eus.rubiconproject.com
13 image2.pubmatic.com 8 redirects ads.pubmatic.com
cs.seedtag.com
13 secure.adnxs.com 12 redirects srcdoc
12 nym1-ib.adnxs.com srcdoc
rumcdn.geoedge.be
cdn.adnxs.com
12 player.adtelligent.com player.spotim.market
p.nodserving.com
p.medocdn.com
player.adtelligent.com
p.safeservingcdn.com
12 player.spotim.market www.shefinds.com
rumcdn.geoedge.be
12 ads.betweendigital.com 12 redirects
12 ssbsync.smartadserver.com 10 redirects visitor.omnitagjs.com
player.aniview.com
12 www.facebook.com www.shefinds.com
12 pixel.tapad.com 7 redirects pandg.tapad.com
s.amazon-adsystem.com
cs.seedtag.com
sync.go.sonobi.com
u.openx.net
12 embed.reddit.com www.shefinds.com
embed.reddit.com
tagan.adlightning.com
11 d.adroll.com ssum.casalemedia.com
ssum-sec.casalemedia.com
11 p.rfihub.com 11 redirects
11 sync.richaudience.com 4 redirects cs.seedtag.com
sync.richaudience.com
onetag-sys.com
eus.rubiconproject.com
11 match.sharethrough.com 10 redirects cdn.deepintent.com
11 pixel-eu.rubiconproject.com 8 redirects onetag-sys.com
11 c2shb.ssp.yahoo.com www.shefinds.com
11 g2.gumgum.com www.shefinds.com
11 ids.ad.gt 1 redirects www.shefinds.com
10 track1.aniview.com www.shefinds.com
player.aniview.com
10 ads.yieldmo.com 7 redirects cs-tam.minutemedia-prebid.com
sync-amz.ads.yieldmo.com
10 u.openx.net 4 redirects s.amazon-adsystem.com
tagan.adlightning.com
us-u.openx.net
10 api.permutive.com www.shefinds.com
9 tracking-usa02.omnitagjs.com www.shefinds.com
9 rtb.adxpremium.services player.adtelligent.com
adxbid.info
9 tpc.googlesyndication.com rumcdn.geoedge.be
www.shefinds.com
9 contextual.media.net cs-server-s2s.yellowblue.io
www.shefinds.com
u.openx.net
rumcdn.geoedge.be
9 sync.ipredictive.com 9 redirects
9 cs.admanmedia.com 9 redirects
9 ad.turn.com 9 redirects
9 secure.cdn.fastclick.net tagan.adlightning.com
rumcdn.geoedge.be
secure.cdn.fastclick.net
9 ads.bidstreamserver.com tagan.adlightning.com
9 tr.rev-stripe.com 9 redirects
9 stripe.rs-stripe.com 9 redirects
8 a.vidoomy.com www.shefinds.com
ads.pubmatic.com
adxbid.info
8 sync.adtelligent.com www.shefinds.com
ads.pubmatic.com
sync.quantumdex.io
8 thrtle.com 5 redirects s.amazon-adsystem.com
sync.go.sonobi.com
www.shefinds.com
8 id.rlcdn.com 3 redirects visitor.omnitagjs.com
u.openx.net
www.shefinds.com
rumcdn.geoedge.be
8 tags.bluekai.com 1 redirects cdn.undertone.com
eus.rubiconproject.com
sync.go.sonobi.com
player.spotim.market
8 rtb.mfadsrvr.com 8 redirects
8 stags.bluekai.com 7 redirects us-u.openx.net
8 sync.bfmio.com s.amazon-adsystem.com
sync.bfmio.com
cdn.deepintent.com
8 aax.amazon-adsystem.com www.shefinds.com
c.amazon-adsystem.com
8 www.google-analytics.com www.googletagmanager.com
ads.blogherads.com
www.google-analytics.com
8 images-prod.powerinboxedge.com www.shefinds.com
7 ps.eyeota.net 1 redirects www.shefinds.com
7 a.tribalfusion.com 7 redirects
7 ssp-sync.criteo.com www.shefinds.com
7 visitor-usa02.omnitagjs.com visitor.omnitagjs.com
7 assets.a-mo.net prebid.a-mo.net
assets.a-mo.net
7 cs.yellowblue.io cs-server-s2s.yellowblue.io
onetag-sys.com
eus.rubiconproject.com
7 dsum.casalemedia.com ssum-sec.casalemedia.com
ssum.casalemedia.com
7 sync-tm.everesttech.net 6 redirects ads.pubmatic.com
7 pixel-us-east.rubiconproject.com 7 redirects
7 sheknows-tagan.adlightning.com tagan.adlightning.com
7 ads.shemedia.com ads.blogherads.com
tagan.adlightning.com
6 ssl.connextra.com rumcdn.geoedge.be
ssl.connextra.com
6 ad.doubleclick.net 2 redirects www.shefinds.com
c.aaxads.com
ssl.connextra.com
6 fo-static-usa02.omnitagjs.com rumcdn.geoedge.be
www.shefinds.com
6 btloader.com 4 redirects www.shefinds.com
6 i.liadm.com 3 redirects www.shefinds.com
ssum-sec.casalemedia.com
6 prebid.deepintent.com player.spotim.market
6 targeting.unrulymedia.com player.spotim.market
6 rtb-csync.smartadserver.com 3 redirects ssbsync.smartadserver.com
6 rtb.openx.net 5 redirects u.openx.net
6 c1.adform.net 6 redirects
6 ssbsync-global.smartadserver.com 3 redirects onetag-sys.com
6 ice.360yield.com 6 redirects
6 image4.pubmatic.com 5 redirects sync-amz.ads.yieldmo.com
6 pix.spot.im static-cdn.spot.im
6 cm.adform.net 4 redirects cs-tam.minutemedia-prebid.com
cs.seedtag.com
6 um.simpli.fi 6 redirects
6 px.moatads.com www.shefinds.com
6 cdn.hadronid.net a.ad.gt
www.shefinds.com
6 jadserve.postrelease.com 1 redirects s.ntv.io
www.shefinds.com
5 pbjs.e-planning.net 2 redirects www.shefinds.com
player.adtelligent.com
5 api.btloader.com c.aaxads.com
5 uipglob.semasio.net 2 redirects sync.go.sonobi.com
www.shefinds.com
player.spotim.market
5 ssum.casalemedia.com 4 redirects player.aniview.com
5 sync.taboola.com 2 redirects www.shefinds.com
5 ssp.disqus.com 5 redirects
5 s.ad.smaato.net 5 redirects
5 cdn.id5-sync.com tagan.adlightning.com
rumcdn.geoedge.be
5 tags.crwdcntrl.net tagan.adlightning.com
rumcdn.geoedge.be
5 px.ads.linkedin.com 1 redirects www.shefinds.com
eus.rubiconproject.com
eb2.3lift.com
5 token.rubiconproject.com 4 redirects www.shefinds.com
5 connect.facebook.net www.shefinds.com
connect.facebook.net
5 www.lightboxcdn.com www.shefinds.com
www.lightboxcdn.com
4 vid.vidoomy.com adxbid.info
vid.vidoomy.com
4 hbx.media.net 4 redirects
4 ad-delivery.net www.shefinds.com
c.aaxads.com
4 gw.geoedge.be www.shefinds.com
4 um4.eqads.com 4 redirects
4 hbopenbid.pubmatic.com player.spotim.market
4 btlr.sharethrough.com player.spotim.market
4 ums.acuityplatform.com 4 redirects
4 crb.kargo.com 3 redirects s.amazon-adsystem.com
4 beacon.lynx.cognitivlabs.com 3 redirects ads.pubmatic.com
4 sync.smartadserver.com 4 redirects
4 dis.criteo.com 4 redirects
4 dis.eu.criteo.com 4 redirects
4 beacon.krxd.net cdn.undertone.com
www.shefinds.com
4 pixel.advertising.com 4 redirects
4 tr.blismedia.com 2 redirects ce.lijit.com
u.openx.net
4 lb.eu-1-id5-sync.com www.shefinds.com
player.adtelligent.com
4 api.viglink.com 2 redirects www.shefinds.com
4 www.google.com www.shefinds.com
rumcdn.geoedge.be
4 socialcanvas-api.kargo.com www.shefinds.com
4 events.release.narrativ.com static.bam-x.com
www.shefinds.com
4 fonts.gstatic.com www.shefinds.com
fonts.googleapis.com
4 cdn.keywee.co 1 redirects www.shefinds.com
cdn.keywee.co
4 people.api.boomtrain.com cdn.boomtrain.com
4 bc.marfeelcache.com www.shefinds.com
bc.marfeelcache.com
3 vpaid.vidoomy.com vid.vidoomy.com
3 as.ck-ie.com 3 redirects
3 adxbid.info player.adtelligent.com
3 id.crwdcntrl.net player.adtelligent.com
3 matching.ivitrack.com www.shefinds.com
rumcdn.geoedge.be
3 cdn.adnxs.com rumcdn.geoedge.be
3 fo-ssp-usa02.omnitagjs.com rumcdn.geoedge.be
3 cdn.deepintent.com player.spotim.market
3 adx.adform.net player.adtelligent.com
3 cm-supply-web.gammaplatform.com 3 redirects
3 trace.mediago.io 3 redirects
3 p4dt2-980w2.ads.tremorhub.com 1 redirects www.shefinds.com
3 prg.smartadserver.com player.spotim.market
3 prebid-eu.creativecdn.com player.spotim.market
3 hb-api.omnitagjs.com player.spotim.market
3 nep.advangelists.com 3 redirects
3 d.turn.com 1 redirects sync.go.sonobi.com
www.shefinds.com
3 e.serverbid.com 3 redirects
3 x.videobyte.com 3 redirects
3 s2s.aniview.com player.aniview.com
3 px.owneriq.net 3 redirects
3 ads.avct.cloud 3 redirects
3 go1.aniview.com www.shefinds.com
3 simage4.pubmatic.com ads.pubmatic.com
3 inv-nets.admixer.net 3 redirects
3 csync.smilewanted.com 3 redirects
3 ads.creative-serving.com 3 redirects
3 t.adx.opera.com 3 redirects
3 odr.mookie1.com 3 redirects
3 de.tynt.com 1 redirects ssp.api.tappx.com
tagan.adlightning.com
3 csync.smartadserver.com cs.seedtag.com
csync.smartadserver.com
3 aax-eu.amazon-adsystem.com eus.rubiconproject.com
ssbsync.smartadserver.com
eb2.3lift.com
3 cw.addthis.com cdn.undertone.com
3 ad.mrtnsvr.com 3 redirects
3 sync.technoratimedia.com 3 redirects
3 cdn.undertone.com s.amazon-adsystem.com
ads.blogherads.com
tagan.adlightning.com
3 player-files.remixd.com www.shefinds.com
3 bcp.crwdcntrl.net 1 redirects www.shefinds.com
cs.seedtag.com
3 krk.kargo.com www.shefinds.com
3 direct.adsrvr.org www.shefinds.com
3 get.s-onetag.com www.shefinds.com
tagan.adlightning.com
get.s-onetag.com
3 srv-2023-09-04-02.pixel.parsely.com www.shefinds.com
3 sb.scorecardresearch.com 1 redirects ads.blogherads.com
www.shefinds.com
3 cdn.parsely.com www.shefinds.com
d1z2jf7jlzjs58.cloudfront.net
3 fonts.googleapis.com widget.sellwild.com
client
www.shefinds.com
2 vop.sundaysky.com 2 redirects
2 pool.admedo.com 2 redirects
2 cms.analytics.yahoo.com 2 redirects
2 sasinator.realestate.com.au 1 redirects eb2.3lift.com
2 cm.ctnsnet.com 2 redirects
2 sid.storygize.net 2 redirects
2 p.safeservingcdn.com rumcdn.geoedge.be
p.safeservingcdn.com
2 imasdk.googleapis.com ads.blogherads.com
imasdk.googleapis.com
2 cm.gammaplatform.com ssum-sec.casalemedia.com
2 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
2 lexicon.33across.com cdn-ima.33across.com
2 live.rezync.com 2 redirects
2 eu-u.openx.net 1 redirects us-u.openx.net
2 connect-metrics-collector.s-onetag.com api.viglink.com
2 cdn-ima.33across.com rumcdn.geoedge.be
2 c.aaxads.com 2 redirects
2 tag.crsspxl.com 2 redirects
2 io.narrative.io 1 redirects www.shefinds.com
2 bpi.rtactivate.com www.shefinds.com
us-u.openx.net
2 apex.go.sonobi.com player.spotim.market
2 web.hb.ad.cpe.dotomi.com player.spotim.market
2 api.intentiq.com sync.go.sonobi.com
tagan.adlightning.com
2 dmp.brand-display.com 2 redirects
2 p.nodserving.com rumcdn.geoedge.be
p.nodserving.com
2 p.medocdn.com rumcdn.geoedge.be
p.medocdn.com
2 a.usbrowserspeed.com 2 redirects
2 a.clickcertain.com 2 redirects
2 33across-match.dotomi.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 bttrack.com 2 redirects
2 s.company-target.com 2 redirects
2 loadm.exelator.com 1 redirects cdn.undertone.com
2 pubmatic-match.dotomi.com 2 redirects
2 match.justpremium.com pre.ads.justpremium.com
us-u.openx.net
2 a.sportradarserving.com 2 redirects
2 usermatch.krxd.net 2 redirects
2 sync.crwdcntrl.net 1 redirects www.shefinds.com
2 pulsepoint-match.dotomi.com 2 redirects
2 c.bing.com rtb.gumgum.com
eb2.3lift.com
2 amazon-tam-match.dotomi.com 2 redirects
2 onetag-geo.s-onetag.com api.viglink.com
signal-beacon.s-onetag.com
2 tlx.3lift.com www.shefinds.com
2 hb.undertone.com www.shefinds.com
2 pre.ads.justpremium.com www.shefinds.com
ads.blogherads.com
2 pippio.com 1 redirects us-u.openx.net
2 id.hadron.ad.gt www.shefinds.com
2 api.rlcdn.com js-sec.indexww.com
www.shefinds.com
2 fls-na.amazon-adsystem.com www.shefinds.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.shefinds.com
2 tags.remixd.com ads.blogherads.com
tags.remixd.com
2 w3-reporting.reddit.com embed.reddit.com
2 cdn.permutive.com ads.blogherads.com
www.shefinds.com
2 publisher-assets.spot.im launcher.spot.im
www.shefinds.com
2 aax-us-east.amazon-adsystem.com z-na.amazon-adsystem.com
2 a.ad.gt www.shefinds.com
2 cache.sellwild.com widget.sellwild.com
2 d1z2jf7jlzjs58.cloudfront.net www.shefinds.com
2 onsite.boomtrain.net cdn.boomtrain.com
2 z-na.amazon-adsystem.com www.shefinds.com
2 maxcdn.bootstrapcdn.com www.shefinds.com
2 www.googletagmanager.com www.shefinds.com
ads.blogherads.com
2 cdn.boomtrain.com www.shefinds.com
2 ajax.googleapis.com www.shefinds.com
2 cloud.typenetwork.com www.shefinds.com
2 cdnjs.cloudflare.com www.shefinds.com
1 p.vidoomy.com vid.vidoomy.com
1 openx2-match.dotomi.com 1 redirects
1 openx.adhaven.com 1 redirects
1 openx-ums.acuityplatform.com 1 redirects
1 crcdn01.adnxs-simple.com srcdoc
1 oxp.mxptint.net 1 redirects
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 usersync.getpublica.com eb2.3lift.com
1 20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 trc.taboola.com 1 redirects
1 event.hgrtb.com 1 redirects
1 sync.teads.tv cdn.deepintent.com
1 spot-im-d.openx.net player.spotim.market
1 cs.mobfox.com 1 redirects
1 pxl.iqm.com 1 redirects
1 us.creativecdn.com 1 redirects
1 triplelift-match.dotomi.com 1 redirects
1 track2.securedvisit.com tagan.adlightning.com
1 aa.agkn.com us-u.openx.net
1 i.w55c.net 1 redirects
1 cms-xch-chicago.33across.com de.tynt.com
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 signal-metrics-collector-beta.s-onetag.com signal-beacon.s-onetag.com
1 5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 s.c.appier.net 1 redirects
1 hash.qualia.id www.shefinds.com
1 sync.graph.bluecava.com 1 redirects
1 d31otfhas71ais.cloudfront.net www.shefinds.com
1 us-east-sync.bidswitch.net 1 redirects
1 ghent-gce-sc.bidswitch.net www.shefinds.com
1 rtb-use.mfadsrvr.com 1 redirects
1 de9a11s35xj3d.cloudfront.net www.shefinds.com
1 cat.va.us.criteo.com www.shefinds.com
1 i6.liadm.com www.shefinds.com
1 wt.rqtrk.eu ssbsync.smartadserver.com
1 match.adsby.bidtheatre.com 1 redirects
1 ads.playground.xyz 1 redirects
1 synchroscript.deliveryengine.adswizz.com cs.seedtag.com
1 core.iprom.net ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 gocm.c.appier.net 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 track.adform.net sync.richaudience.com
1 ow.pubmatic.com www.shefinds.com
1 id.a-mx.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 s.spotim.market visitor.omnitagjs.com
1 ced-ns.sascdn.com csync.smartadserver.com
1 sonata-notifications.taptapnetworks.com 1 redirects
1 event.clientgear.com 1 redirects
1 hde.tynt.com cs.seedtag.com
1 cs.seedtag.com ads.blogherads.com
1 sync-pm.ads.yieldmo.com s.amazon-adsystem.com
1 us01.z.antigena.com s.amazon-adsystem.com
1 data-beacons.s-onetag.com tagan.adlightning.com
1 di.rlcdn.com www.shefinds.com
1 aud.pubmatic.com www.shefinds.com
1 tg.socdm.com 1 redirects
1 server.cpmstar.com 1 redirects
1 sync-amz.ads.yieldmo.com s.amazon-adsystem.com
1 ssbsync-us.smartadserver.com 1 redirects
1 cs-tam.minutemedia-prebid.com s.amazon-adsystem.com
1 cs.media.net 1 redirects
1 pandg.tapad.com pghub.io
1 feed.pghub.io 1 redirects
1 signal-beacon.s-onetag.com tagan.adlightning.com
1 cdn.jwplayer.com tags.remixd.com
1 pghub.io ads.blogherads.com
1 geo.privacymanager.io ats.rlcdn.com
1 d3r7h55ola878c.cloudfront.net www.lightboxcdn.com
1 s-jsonp.moatads.com www.shefinds.com
1 native.sharethrough.com ads.blogherads.com
1 pixel.keywee.co www.shefinds.com
1 p.flipp.com cdn-gateflipp.flippback.com
1 async01.admantx.com www.shefinds.com
1 ats.rlcdn.com ads.blogherads.com
1 dyv1bugovvq1g.cloudfront.net ads.blogherads.com
1 pixels.ad.gt tagan.adlightning.com
1 3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co www.shefinds.com
1 pubcast-files.remixd.com tags.remixd.com
1 vc.hotjar.io www.shefinds.com
1 z.moatads.com tagan.adlightning.com
1 pixel.quantserve.com www.shefinds.com
1 socialcanvas-cdn.kargo.com cdn.rhombusads.com
1 sqs.us-east-1.amazonaws.com d15kdpgjg3unno.cloudfront.net
1 dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com tagan.adlightning.com
1 idx.liadm.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 analytics.google.com www.googletagmanager.com
1 p.ad.gt a.ad.gt
1 cdn-gateflipp.flippback.com ads.blogherads.com
1 lightboxapi.azurewebsites.net www.lightboxcdn.com
1 rules.quantcount.com secure.quantserve.com
1 comparisons.sovrn.com cdn.viglink.com
1 script.hotjar.com static.hotjar.com
1 cdn.rhombusads.com ads.blogherads.com
1 cdn.adsafeprotected.com ads.blogherads.com
1 d15kdpgjg3unno.cloudfront.net ads.blogherads.com
1 direct-events-collector.spot.im launcher.spot.im
1 secure.quantserve.com www.shefinds.com
1 cdn.viglink.com www.shefinds.com
1 fastly-cloud.typenetwork.com cloud.typenetwork.com
1 intljs.rmtag.com www.shefinds.com
1 static.hotjar.com www.shefinds.com
1 static.bam-x.com www.shefinds.com
1 widget.sellwild.com www.shefinds.com
1 launcher.spot.im www.shefinds.com
1 branding.revenuestripe.com www.shefinds.com
1 s.ntv.io www.shefinds.com
0 csi.gstatic.com Failed imasdk.googleapis.com
0 s0.2mdn.net Failed imasdk.googleapis.com
0 ssl-market-east.smrtb.com Failed sync.go.sonobi.com
player.spotim.market
0 match.bnmla.com Failed sync.go.sonobi.com
www.shefinds.com
player.spotim.market
0 pmp.mxptint.net Failed s.amazon-adsystem.com
0 sync.adotmob.com Failed visitor.omnitagjs.com
ssbsync.smartadserver.com
0 sync.search.spotxchange.com Failed www.shefinds.com
cs.seedtag.com
0 sync.colossusssp.com Failed www.shefinds.com
ads.blogherads.com
0 csync.loopme.me Failed cs-tam.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
visitor.omnitagjs.com
ssum-sec.casalemedia.com
ads.pubmatic.com
ssbsync.smartadserver.com
ssp.api.tappx.com
de.tynt.com
cdn.deepintent.com
eb2.3lift.com
0 as-sec.casalemedia.com Failed www.shefinds.com
js-sec.indexww.com
0 d3ezl4ajpp2zy8.cloudfront.net Failed www.shefinds.com
2743 437
Subject Issuer Validity Valid
shefinds.com
Go Daddy Secure Certificate Authority - G2		 2022-09-26 -
2023-10-25		 a year crt.sh
marfeelcache.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-07-27 -
2024-08-27		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
cloud.typenetwork.com
R3		 2023-08-19 -
2023-11-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.boomtrain.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-03-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.blogherads.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-27 -
2024-01-28		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-02-28		 6 months crt.sh
*.spot.im
Amazon RSA 2048 M02		 2023-09-03 -
2024-09-30		 a year crt.sh
z-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-01-18 -
2024-02-17		 a year crt.sh
*.sellwild.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-22		 a year crt.sh
*.api.boomtrain.com
Amazon RSA 2048 M02		 2023-02-24 -
2023-11-14		 9 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-13 -
2023-09-11		 3 months crt.sh
static.planethowl.com
Amazon RSA 2048 M01		 2023-08-07 -
2024-09-04		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
intljs.rmtag.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
fastly-cloud.typenetwork.com
R3		 2023-08-19 -
2023-11-17		 3 months crt.sh
viglink.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-11-11		 9 months crt.sh
quantserve.com
R3		 2023-08-29 -
2023-11-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
app.zetaglobal.net
Amazon RSA 2048 M02		 2023-04-15 -
2024-05-13		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.shemedia.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-27 -
2024-01-28		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
aax-us-east.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-05-07		 a year crt.sh
*.adlightning.com
Amazon RSA 2048 M01		 2023-07-08 -
2024-08-05		 a year crt.sh
*.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-22 -
2024-06-19		 a year crt.sh
*.rhombusads.com
Amazon RSA 2048 M03		 2023-08-12 -
2024-09-08		 a year crt.sh
permutive.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-25		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.release.narrativ.com
Amazon RSA 2048 M02		 2023-07-17 -
2024-08-13		 a year crt.sh
comparisons.sovrn.com
Amazon RSA 2048 M02		 2022-12-21 -
2024-01-19		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 06		 2023-05-21 -
2024-05-15		 a year crt.sh
*.anyword.com
Amazon RSA 2048 M01		 2023-06-05 -
2024-07-03		 a year crt.sh
*.flippback.com
Amazon RSA 2048 M02		 2023-06-15 -
2024-07-12		 a year crt.sh
*.remixd.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-03-09		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.pixel.parsely.com
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
fls-na.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M03		 2023-08-16 -
2024-09-13		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
cdn.prod.uidapi.com
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
queue.amazonaws.com
Amazon RSA 2048 M01		 2023-03-08 -
2024-03-07		 a year crt.sh
*.kargo.com
Amazon RSA 2048 M01		 2023-04-30 -
2024-05-28		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
pubcast-files.remixd.com
GTS CA 1D4		 2023-07-22 -
2023-10-20		 3 months crt.sh
*.prmutv.co
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01		 2023-03-29 -
2024-04-27		 a year crt.sh
*.admantx.com
SSL.com RSA SSL subCA		 2023-04-18 -
2024-05-18		 a year crt.sh
flipp.com
Amazon RSA 2048 M01		 2023-07-31 -
2024-08-28		 a year crt.sh
api.permutive.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
pixel.keywee.co
Amazon ECDSA 256 M01		 2023-02-01 -
2024-03-01		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
admin.bidstreamserver.com
R3		 2023-08-22 -
2023-11-20		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-06-07 -
2024-07-06		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
tracking.justpremium.com
Amazon RSA 2048 M01		 2023-01-26 -
2024-02-24		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.seedtag.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-29 -
2024-04-15		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
player-files.remixd.com
GTS CA 1D4		 2023-07-30 -
2023-10-28		 3 months crt.sh
*.s-onetag.com
Amazon RSA 2048 M01		 2023-02-23 -
2024-01-02		 10 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-10 -
2024-05-09		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.id5-sync.com
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-09		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sheknows.com
Amazon RSA 2048 M01		 2023-05-20 -
2024-06-17		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
player.spotim.market
R3		 2023-08-18 -
2023-11-16		 3 months crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-06-02 -
2023-12-02		 6 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05		 2023-07-26 -
2024-01-22		 6 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-11-09		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
s.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
sync.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
player.adtelligent.com
R3		 2023-07-19 -
2023-10-17		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
ghb.spotim.market
ZeroSSL ECC Domain Secure Site CA		 2023-08-19 -
2023-11-17		 3 months crt.sh
p.medocdn.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
p.nodserving.com
R3		 2023-08-15 -
2023-11-13		 3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-08-10 -
2023-11-08		 3 months crt.sh
*.iprom.net
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2023-03-22 -
2024-04-22		 a year crt.sh
*.turn.com
RapidSSL TLS RSA CA G1		 2023-03-22 -
2024-03-31		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2023-10-13		 3 months crt.sh
events-ssc.33across.com
GTS CA 1D4		 2023-08-28 -
2023-11-26		 3 months crt.sh
ssp.api.tappx.com
R3		 2023-08-20 -
2023-11-18		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
cdn.stickyadstv.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-09-06 -
2023-09-21		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
dyn.omnitagjs.com
R3		 2023-07-10 -
2023-10-08		 3 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02		 2023-02-27 -
2023-11-07		 8 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
p.safeservingcdn.com
R3		 2023-08-17 -
2023-11-15		 3 months crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2022-12-22 -
2024-01-23		 a year crt.sh
*.connextra.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-28 -
2024-03-28		 a year crt.sh
*.getpublica.com
Amazon RSA 2048 M02		 2023-07-25 -
2024-08-22		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
itm.ivitrack.com
R3		 2023-08-16 -
2023-11-14		 3 months crt.sh
adxbid.info
E1		 2023-08-09 -
2023-11-07		 3 months crt.sh
*.betstream.betgenius.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-04 -
2024-07-03		 a year crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-01 -
2023-10-02		 a year crt.sh

This page contains 424 frames:

Primary Page: https://www.shefinds.com/collections/walmart-packaging-change/
Frame ID: 2C8C1C20ECBD3A5244BBD0627D8FF8B1
Requests: 556 HTTP requests in this frame

Frame: https://www.shefinds.com/iframe-modal/
Frame ID: 5AC1B065EA49909DB4B32203B920E67C
Requests: 32 HTTP requests in this frame

Frame: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1693794607317&lv=1
Frame ID: 9FCD92CB483F1C0D108B8767BBC9192F
Requests: 2 HTTP requests in this frame

Frame: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Frame ID: C598871CAF7440AC98B0824388333300
Requests: 24 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: ABFDCCA47C28F66555347D96B4DBBBB1
Requests: 1 HTTP requests in this frame

Frame: https://events.release.narrativ.com/api/v0/session.html
Frame ID: 4E2B5767C756F3581EF659E562377437
Requests: 1 HTTP requests in this frame

Frame: https://dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B01881EF993C740594BC2ACE25D1E720
Requests: 1 HTTP requests in this frame

Frame: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Frame ID: 9C1873AF5D058A63B723959B9E40AE82
Requests: 23 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 91F71A60FFE8F87C96694E93170FAAA6
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: C1EE125BF446AE21313C40C8FC0E6888
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 33C419C8FBC479FAB7B7D11EA84B0923
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.shefinds.com&us_privacy=1---
Frame ID: DCEB9551A9D02C1F0F0AB3346344A7FB
Requests: 2 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 6E306E68EBAD7A5DE451D5604B0E6836
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 23BF9FA0B65F33D9295B58A77E73C10C
Requests: 7 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: DFF554E8228FBAA544A3B57834F83EFC
Requests: 14 HTTP requests in this frame

Frame: https://cdn.jwplayer.com/libraries/FUtg69tL.js
Frame ID: 87778B3C95808D3EA542B93973964DA5
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Frame ID: 700F7F70186DB52B660CE286418CAC96
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: ECE32E602CBDFE79DB097B033175627E
Requests: 6 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22articles%22%7D
Frame ID: 129E40D1FBFB2426DD1A0F17CE6063A5
Requests: 2 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 12C1F152AD0E677931AC1B2D91647A6E
Requests: 14 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: 52CF79C7DDFFC7025480EE540ED92247
Requests: 10 HTTP requests in this frame

Frame: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Frame ID: 45A026741F286123CD2D3D78B27BF5B2
Requests: 26 HTTP requests in this frame

Frame: https://sync.bfmio.com/syncb?pid=137
Frame ID: 358E2C0A7812C63FE9EB614EC610D563
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=acuity.com&id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: 1780B09F2C3C8DA20E3F88FD216016C5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 96B134CA13CC4EF9F24E4D4DDB90FE50
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=990277896830277133&gdpr=0&gdpr_consent=
Frame ID: DB88DEC004CEACC48BACD7319957B4B6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGxnXd9PrYuQMpHvCOAAAAAAA&expiration=1693881013&is_secure=true
Frame ID: F5C924DA1A6D424632967E10F9541B51
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Frame ID: FCB0576787180FE5F3E11CB694EA7D4F
Requests: 14 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: 221AE6BB144E2F6887822A3EBEAB2C82
Requests: 12 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: B5C5E751E0B61B296B97E32F123C8999
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 45BA115F0AF0BBCCAD1E0EC498489EEB
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: BF72EBF2C9BDCCFA70A796C1064AD0D1
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TdmJjcmQ1RTJ1TFRZQUEwNHNXY0VGRWExMHc3RHB2Vn5B
Frame ID: 588568E5065662ABE99193AAEEF34CF3
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=2535980227366638075&ex=appnexus.com
Frame ID: FF0416880502C7AFEF9A87D4C469E056
Requests: 1 HTTP requests in this frame

Frame: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Frame ID: EBED22F01A81DEDDB24C08F10E67EAE4
Requests: 7 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Frame ID: 35F23A3424E4812EA3853FF268E1BD92
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4187545677285024608258
Frame ID: 1558F65DA3D7EF2661FBD22CADFE29E0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZPVBNgANs6j7wQAb&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb
Frame ID: 0E0AFAC7166499C5627A31C35E6CB980
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: E6CD31FB87450B874DD0F38A99F38830
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 0302A5260E58AEB6858B2EB0E1709804
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=3175ac58-0d9d-47aa-b429-d8f42e050f30
Frame ID: FCBBD8C7540EE4100A74B357F3CA967F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZPVBNsCo8YsAANAJGzcAAAAA
Frame ID: 3CDFDCDF77A63D1467C4A7C482B50A1D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Frame ID: 471BD669DFF9DAEF3EE2282FE5A73EE2
Requests: 16 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Frame ID: 51F8EBC15321EABF57357286E046EB2D
Requests: 3 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: 6BE112720ADC40E1B72D73127E4C74AD
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum&tc=1
Frame ID: 2F8145B27C6BCF6201DA0C87625B7B22
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 2E448D2362FB41ABF364AAF16B61DAB6
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: C8B730A252710066E4CC225909E72B15
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: BDE9644E7B8260EB3E058C380147D878
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: CC71D63D6DBB6F5C427C278569549827
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: A5BD536DDF6CB5074824D93AB990B4D9
Requests: 25 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 6B4A7B3C916689423301BB9E525F80E8
Requests: 24 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 379DC12345967E318018B2ACF06C81B3
Requests: 24 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=970x250&pubId=15403870&chanId=227445190&placementId=5748882211&pubCreative=138357559817&pubOrder=2876985011&cb=1475284485&adsafe_par&impId=f7d00b9a-4aca-11ee-b76d-02210cbb4ca3&custom2=flxban&custom3=1
Frame ID: EB55A3BCDD4E1FC70F99BA1075306088
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 4CDFA436E429B5E05D76C7833E6651CB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 9A34DAB9B3DDA742B69DD24EEA45C301
Requests: 3 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=728x90&pubId=15403870&chanId=227445190&placementId=5749486547&pubCreative=138357597360&pubOrder=2876985011&cb=365862287&adsafe_par&impId=f7d00b9b-4aca-11ee-b76d-02210cbb4ca3&custom2=frame2&custom3=s1
Frame ID: 740E919EBF6145E4BECAE3F952016846
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x250&pubId=15403870&chanId=227445190&placementId=5747529099&pubCreative=138357532778&pubOrder=2876985011&cb=275990459&adsafe_par&impId=f7d00b9c-4aca-11ee-b76d-02210cbb4ca3&custom2=flxrec&custom3=1
Frame ID: C1738E029C4D18F052A4330232A16928
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Frame ID: 5F1A5611EC608BDE7DF9C091CEDA61E3
Requests: 15 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Frame ID: DF0DBB15C2B1A975FF99839CFDEFBBD5
Requests: 3 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: 4798B627C1873F4A0A1FC4E12E90D94D
Requests: 97 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: B3F98AC9BBAF444905C6CBBDF15A9CC0
Requests: 96 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&redir=true&gdpr=0&gdpr_consent=
Frame ID: C2CEE205A5BB608A003E5F6905105E33
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 5FD7D75839DD7CD196E89E4DB6B03016
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x600&pubId=15403870&chanId=227445190&placementId=5749534799&pubCreative=138357940384&pubOrder=2876985011&cb=1908282859&adsafe_par&impId=f7d00b9d-4aca-11ee-b76d-02210cbb4ca3&custom2=flxrec&custom3=2
Frame ID: 3E69F376581506D1A9CEC13BA2B7EF19
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x250&pubId=15403870&chanId=227445190&placementId=5749533821&pubCreative=138357939916&pubOrder=2876985011&cb=1193819157&adsafe_par&impId=f7d00b9e-4aca-11ee-b76d-02210cbb4ca3&custom2=mrec&custom3=1
Frame ID: 652016C5D032CD150949BA4B07B64A8A
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?us_privacy=1---&
Frame ID: 13997325FD25371417E4E09C2CB47609
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 903AB568077E3175AD0C4E318BD39610
Requests: 2 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCrYBShB3d3cuc2hlZmluZHMuY29tUgthYXMtNWI4NDI0NVoIcGJhMS4zLjJqEHd3dy5zaGVmaW5kcy5jb236AQY3LjQwLjDoAgGIA7SC1acGqANj6gMkZmUyOWU3OTktOWIxYy00OTdlLWJhYmQtNzlmNjNhZGI2N2I2qgQDRENIsgUDVVNE0gUEMTEyNtgFAeAFAeoFB2Rlc2t0b3D6BQNueTWqBwN3ZWLKBwxzaGVmaW5kcy5jb20
Frame ID: E176DF389A6005390967DDD5FA48CDC7
Requests: 16 HTTP requests in this frame

Frame: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=akfs9es1693794613111&usPrivacy=1---
Frame ID: F8333A25C70FAF78AB166900C51FB87D
Requests: 2 HTTP requests in this frame

Frame: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Frame ID: FD87918F7D3E2C4227F007FA0B64A8BA
Requests: 19 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B541CBEE14650551F2A6A37D5B05755B
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 2294448607312DA0CE802ACD077B6976
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 1FBDFD9A562B348643AA83A452A66FED
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Frame ID: 5BC4F948AD26AC1AB358C133A876A8A0
Requests: 13 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Frame ID: D57DE6295C688E0D8349E3B5629F0045
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 29053EE73FECE161EFD0287C1ECA4EBB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: A4578651ABD3A9FE9F714176F0FB1115
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Frame ID: D377693457CFE795CAD4B788BCBA4DC0
Requests: 3 HTTP requests in this frame

Frame: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Frame ID: 008B1DA7E87C186712FFE81E0E3CFE17
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Frame ID: A6F6C52E81E28BC2D612451A8D5A6649
Requests: 11 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Frame ID: F416356C2EDE4A60A1F92268BFA7A1EE
Requests: 6 HTTP requests in this frame

Frame: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Frame ID: 3DCBFF3E01FE7AB0B7709FCE46CDC0B6
Requests: 6 HTTP requests in this frame

Frame: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Frame ID: EECB43CD735A5D61511E153D1BEAE2D8
Requests: 20 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75601b04186d260
Frame ID: CDD1E673A82B8346B16369A636E95A1B
Requests: 13 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Frame ID: CB7D7EF8EAADF80FF3FCBB244F6D8287
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=y2aI2Ueo8q3c&ev=1&us_privacy=1---&pid=562983
Frame ID: 11AB5E66B84998F5788E95196B89B137
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F2707447713F344D0B4A924C345E8A16
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: F25A2BF17F53896A06F80A93CA3CFC73
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Frame ID: CCFE686513B5393BCC28B0E263B7FF4C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 592654D64A51B2438D94B809C9260692
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 69955F1B6FCA3DC2E4B871CBCDEEFF42
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: AADAB393623A674DEF89943CB68EA04E
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 42EEA1705CA61ED792CFBE920A424FA5
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C292AB6ABDA786CB582227701E994F10
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 33B5378192BA527C7448FB4B9E792384
Requests: 1 HTTP requests in this frame

Frame: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Frame ID: AFD0295DF203BC4B07D26CE5148A5DB4
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: D6683981E3B1DBA909D56C2EC2EBB9DC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 8376723C4E89C8FD74ACA18CF1776212
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: A6444E03A6B65E17747F5CE7B9D3D7F1
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Frame ID: 5BA11FEBB5474CF749055281D0AA7C08
Requests: 11 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Frame ID: 4D71628772CE8930151748CE527B8C8F
Requests: 6 HTTP requests in this frame

Frame: https://get.s-onetag.com/underground-sync-portal/Portal.html
Frame ID: AED1F09ECAADB5EB916B4A6AD8C467B9
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 951C24299B9C93B2F916BD9AF80767E4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3D2AFB0B68CFB3ACDBA4A3C02397551A
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 48B0A4F49D906F08F93C659985BEF0F4
Requests: 5 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 05452F7EE9AF95C5EA6BED393AD8EFB8
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: A30BBD0568A3609E87A2C029CAC033D5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 57554CDBC2AD806D02554BB8323932CA
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Frame ID: 903520D9868B9B7A4374A087F5A8EE7A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Frame ID: 38A40028B686626103C6A1C76671A971
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: B28BFBE567BA99F75E024230A5BEED21
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Frame ID: 693E2187E8D73DCDA83558E95B4748A7
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=644680&extuid=4187545677285024608258
Frame ID: 5F2A85F6C4D91D49988DD8BA2EE5AF70
Requests: 1 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: 83AB1FBF767699A75E87D221E12C2946
Requests: 1 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: 7BA1F7A65AD689BAF96C41A8A7CEF319
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACX7E7J6oIAACoiJc0fIg&gdpr=0&gdpr_consent=
Frame ID: 11E9A9D908D403D3AAF931ACF38EF404
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2535980227366638075&gdpr=0&gdpr_consent=
Frame ID: E6F3FED2F5C6B45F5CCA9C1251E32BE2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=fae2f914-4aca-11ee-872e-d4bc0acdf791
Frame ID: 5EE5D2D58E63F7F2616E9F3FB93428C7
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_a1f61cad865644a2aaed7
Frame ID: EEFAB4854D9E3CF82F944CE86465CF2E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g
Frame ID: D43B85A5F0D9B8291AB1883E1920F23F
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: DE93897B79140763A14430C2AC4F6FC0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 81EF102BA66709D83C83E0767D9BB15B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 9D687338B998310E3E6D1CBAC05B3DBF
Requests: 1 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: D3A41ECD61F8664D22A7C629B9F89313
Requests: 1 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: A706C27E6529085C2E6BB1A21EA6F6C1
Requests: 1 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: 4697CC56CCD67B685879421C1BB06E7E
Requests: 1 HTTP requests in this frame

Frame: https://p.medocdn.com/prebidlink/19604/j.html?i=11596
Frame ID: 8419E677541817252CE424D43D927B34
Requests: 19 HTTP requests in this frame

Frame: https://p.nodserving.com/prebidlink/19604/j.html?i=11600
Frame ID: 792309896993F4C0272361BE80106078
Requests: 20 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 91A3CEC76D41EFF283F922605B905C0A
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 89D156CCCE58E5871BC6A9DE67E1C926
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: BB258624DB6EDAA52D71A1F09F891A76
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: AB004D705F0F6A18E195F7456C3AD833
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 4B6D9123F1B6277C35B32CF3089A6069
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: E88039882A60315F8A3D24505CEF2448
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822877106412
Frame ID: A91652CDD5ED155A817018494C5314C0
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: C95C47907CEB10E9360C0432A7E272D8
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Frame ID: EAB02F010701A8390FBA413D2E78178B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=aSNLhRAjA0awXQ-rPEH1ZA
Frame ID: AA20B411AB54140ACFB82B0FFC1F0C4A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Frame ID: 2A1D3264CBA5EAC8BEB1F32960554729
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 089CA9C2C496A55C1D3F4326AF63D0F9
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 49BFD2068A086883319F1C7A11690A9F
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: E9238B139EF65F236024D895D953870C
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: C337DFE4F1A85EEC89B6EB21DB1E0EC9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 8978253EE95D6C8A3C4DEFDCD7DA7AA0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470810201041396218
Frame ID: 4A89DEA93B85AFAA08C432B61D5CA357
Requests: 1 HTTP requests in this frame

Frame: https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 842B815788CFE2B1C1A9BC1568F2D0F7
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Frame ID: 4C1F37DD3327344ACDFAA683D1C6E40A
Requests: 10 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=55&key=2535980227366638075
Frame ID: 4BFEDC656493ADC915D307064CED8AAA
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=200&key=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Frame ID: D4FD222978141DED12508F4362CFF8D9
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Frame ID: 8400FFF9F2DC2B398DC103BE93A50C91
Requests: 6 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 4F6C246D0ABD7525CC5CAC4252F47482
Requests: 3 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=72&pid=5e0e296628a061270b21ccab&key=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Frame ID: 26D1485F12863ED8606BFD1556F87E7D
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=23&key=6aee4e26-3af0-036a-2493-7dba72640ec7
Frame ID: 8D306B9D825B2F7EBD0C0E616B69366A
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D1%26key%3D
Frame ID: DC1261E7412D785FC04F41A215AF900D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 4443A6EED7263DD3BD5285F211746ED0
Requests: 5 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=18&key=HQzWZQZHTprevADoQOeL11M1
Frame ID: CE97F22696A73743627513CE6ACCC4B1
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=41&pid=5e0e296628a061270b21ccab&key=4187545677285024608258
Frame ID: D5B6AB8BDEA391492177FB1B375C5B3A
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=62dea72e53dc2e243a2a2635d13fb7b&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: ACEED0ACB49F637CDB94D52424C73486
Requests: 1 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Frame ID: A03438AA0300D217F409B204D6C78597
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Frame ID: 3D2D31C3A43D2974207E99548BD3A9CC
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=60&key=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Frame ID: DC05BF042E268744C961FA5390E85625
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=aniview
Frame ID: 1867E40E2E878C234FB0FFD9992791ED
Requests: 29 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Frame ID: C48D1112AE54F4AF8AF93921A67204BB
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: D1D23D258E01792D1F7A5C6C00217130
Requests: 5 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: AF108CD249F6E42A2E18703C3FE10D37
Requests: 26 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 719E22A6899B42FE36AFA930A49D2ECC
Requests: 11 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: E9D4605C6BFF4AABBB969B2C643B1F01
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 0B7D4FBC683175874143D8BDFBEAE823
Requests: 4 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: ABDE8346475FF4609BFD64CEB42D7D05
Requests: 9 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=728x90&pubId=15403870&chanId=227445190&placementId=5064405287&pubCreative=138308429214&pubOrder=2543335655&cb=694442760&adsafe_par&impId=fc2b2809-4aca-11ee-b76b-0e5bb606f9c9&custom2=ban&custom3=1
Frame ID: FEA29A2CAD2D426B766C1746B4C9C821
Requests: 2 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 57DF98A3706F60AF3050E86C4F245152
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x600&pubId=15403870&chanId=227445190&placementId=239329990&pubCreative=138297011555&pubOrder=483446470&cb=2031378576&adsafe_par&impId=fc2b280a-4aca-11ee-b76b-0e5bb606f9c9&custom2=flxrec&custom3=3
Frame ID: DD914B7DB49B0BF98A51AF11A6ED8401
Requests: 2 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=1&key=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 063902CDE5F785EB4FB20759D0D6AAA5
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 60700D8A34A455552B261D6777419419
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: A84A144C16ADEDA4A16352FBA357D0B2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: 4EB6F4E7A70BB4C15338A2FFEB5CBC86
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Frame ID: 40DA487D5F428229D443D1AC79442AD0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 60CA0BCAB5103197DB811905EB727F48
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 85EEE4C4B46ACC7E79EB680F3007C800
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 77A5B21B03778B8102EDD74D33C84A4A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: E37FF5A7E31C66D037B7D2CA074E401B
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: B3BE5DBF31F1E84BBF9DA95790A7DDC7
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: DB7AFD95A5645FED38E71C75F027F915
Requests: 8 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: 83218589A29D75D204A5F190A3439191
Requests: 13 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 7CFF6928AD6B095152EC6510691E8EF1
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: B1D00CD41899F12EE202127D2B302F24
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Frame ID: 6A0E7360CD33F72642926732241673E1
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 8B39C7E6AA717A8A8AFE0B801F9F550A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: 1D42D1DCD645AF0DF27CBB90E694873E
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 610E6E15EBAD24AE27B0E96BA2D7534F
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Frame ID: 2AF4B79364C86E923838EFBB8E0E0CA2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: CF7012F26B6F2CCC17C5296F3A81B3B7
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: EA4B887B933C220291B2A2C80F040AAB
Requests: 3 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=448580&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: CA2D077007E129173F49E75B6119708A
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Frame ID: DE9EBB4284D9A87DD16277A52E842E29
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657024
Frame ID: B92CA92D53CF37F2E3EEB440BDF63C44
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Frame ID: 4F8633614B6A291BB257CD85CF10823E
Requests: 1 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Frame ID: EF3F33D959B11E1A488376A8AC716E70
Requests: 53 HTTP requests in this frame

Frame: https://5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 8A82EAC9DFFC6EE05AE5E369FA25B4BB
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Frame ID: B5C3E1EA2BC81A8A220D0BF36A02A24B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 16A83517F5251AAFFEB00096F0612241
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=640113117700930142&auxuid=
Frame ID: 7BB23D1DF2C787F09D06517F71F26456
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Frame ID: 64752819F9E553336C6AFC34CC339343
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Frame ID: 606B5068EE83447B722EBF0122D10498
Requests: 3 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzWZQZHTprevADoQOeL11M1&auxuid=
Frame ID: AAC7E6B0E3506631FB5BCF739D797555
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Frame ID: 00B6536096FA150850A006E30F8CE963
Requests: 7 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A7298272160482644129&auxuid=
Frame ID: F1E9F3CCFD5A2A0E61CBBB7317FCF2DE
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Frame ID: F4C3FA781B8C5CAFA1E17832E074D539
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 8D988DDF0D239CF5902B424FFEEC972A
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 37CADF2852680FCC00D25748BAA75A6B
Requests: 8 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 840C753B0564979E07100CE545FCDD52
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 19F0CF996FCF2ECDB412DADA55C211B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F2B56F3D41B58CBC039536AC8CDF988C
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 0F45806C59B099BA7CFA627B215681B6
Requests: 3 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 8316735C3C6BD7F480F2EFFF28026E83
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: EF612D67DC6489B9256B927F53E13099
Requests: 1 HTTP requests in this frame

Frame: https://2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 503996F12ECDD2A7F6B3547F2D7840EE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C07370CBD0E98EE71BBC53F67886C6E9
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: C88B5830FBAD352008BDF32045170215
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: AC9D44D440981368EC6462CBCA85BCDF
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152media
Frame ID: 3BFC21ABC6C2BDF3DFAE1144777ADDF9
Requests: 9 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: 565DAA4BB4CD79BE905CC018DC2D9863
Requests: 12 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: D3F604BC36918DA8AB69105DB719E1A6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 98493CFC557A2B4C04E8480E545EB30B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 940480FF92430166C5F66BA72FC6D967
Requests: 3 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=76&type=iframe&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&auxuid=
Frame ID: D78BCFAA4FF73E6E7F07EF355EA6F7B8
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5856A4557FF04DAA1605447F4D24388F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 753184EEEF986B80A3685C8E027E9C22
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyfKISjoED4IH8UURYBhZGhscD6q4prWiG0pSjNLS8nHzo15AkYPS7Wv4RAqn-TaNFmTrM3GFmdoBEipOPN2-Hx2hD9d7Gye0bmtfVz_GBs5OPt2YcmesUexrGQ-lyVEEMEQ-upIEuRXJwzg_z43q6GlEB-lnltxnDbvTMRnUGS1CmBT6h2NYBD6tq86Khb78pbzPOSMp_UUfGnZ4FY-z6L9VqNngfgUyKoYI_oEmgrgy9YuvwjKSFYjwIWj4EWwspDcTZqWCSHSIPb_gecBJDeY2cR6tJ4Rz5NMQExZowOJAsecgxjtA7pPiCnFIU7QdybbxaAyXB-Kk&sai=AMfl-YRjGyu7piKwi_hlW4tN_VCpahi5I6yW_CKx6dGdQ2PV9OWaAkv9SVYKXUhYMdzxkn77fRU9kC6X87Y4cHNy305YcX54E9UDt9fGsxOxgtRgBSdwI7ImwBcg8jZTCNQ&sig=Cg0ArKJSzPQCSyXqNLdiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6A0D2D35AB0D9E0BC75C6C2218A26CF6
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0317DE8BA5C3C4973DD38E0329A4D5D0
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E9C3B6C59080F01B38817D333AE02980
Requests: 1 HTTP requests in this frame

Frame: https://ads.shemedia.com/static/optoutstatus.html
Frame ID: 777CE22BA5442E1312151AAA9A00669E
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Frame ID: BFD7FA8D5506277CD9BD3EAACACE3002
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk56vCRarn8FuJ0kXuRTkZlrFjE-d7ryGVx-RQdTuDXmSFCZJmHGnVj0MZ8leMHowyN4NRR2Os8ok6Xafq2OSMVimQHgz-mFSncZJWkNuiidrg0sZ05Mv5dpFyEvztXqa703QzWx7_IF-EqTbf_3SKoA25gVDfIF8nOOpAtPfjJDsiaODuchgCLNgCAsv0hYRVLY2_DUB0NR_KU7cMRc8ZJtb2VAWL-tBmrOR5_myp6o-1XA58kn_6sobD9BPBrDXh5vXI8xLUQVNnSb94w_Gu1VvFu8Izriaip4jQiYVJ6KCsGX4bQP5BGfg_mLXXwF4juQt-NvzWYfI&sai=AMfl-YSBIOEQcMMcHXdh5cpdl7as82CDrn8GQIr2CTOZfLHJi6IxS-nQgHbNqv8F6REep9nnNRULrJai-0Em-LBcG0kSxQvgG316O6aoVLNTZOcSRgiDUpZfCGauQhU8bRU&sig=Cg0ArKJSzEPIvqh0Qg-TEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 260DC77E313CE44DC4A233E2152EE7F0
Requests: 17 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: F0FA1AEE3B04B858B453F82DECEB6026
Requests: 9 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: D84F48C1F3180AF44E09560DE6ECFF8B
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: F733A3DD15DC3EE8BE55964D3599A9E1
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 7FD010A2465878912ECC62DF37A3EFF6
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: C2376F90D0AEED7044987C375B8DCE8F
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 4E979471C85B6581ED7EF8286EC62AC4
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 796C4042BC6AB212738C4518F5401CEE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3D48CF08309ED0D854B632C68DDB73E
Requests: 2 HTTP requests in this frame

Frame: https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: A21BD141F0A54D3409CF6307D52DA225
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: A21098E38192DDE7DE78ECFB96E90B37
Requests: 12 HTTP requests in this frame

Frame: https://ads.blogherads.com/static/outstream-creative.js
Frame ID: 892231787A040BCA9E6CE5F1391E4865
Requests: 7 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
Frame ID: 2A606F12682D7130D6E0EEDB33F40CE6
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 6301898B7E8BED44746BA4FA4723434C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CF20B37B9DFB9EF4020BEC97A1734641
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F108A621F64A3ABED13E5AC513A40A9F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: D9CFA1B5689157EBDB6FB9ECD8AC2309
Requests: 9 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: 9AC9F98349195801E8A76B4EBAC677A7
Requests: 4 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 11577D3D80EBBBB3431C2DA1A944272B
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Frame ID: 6B732B67E010190D1D3204A46A5C1BF1
Requests: 5 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
Frame ID: 132C94729FF81FABB1CCC020C974C04C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: ABDAB56AF883A4879919B4D2CB133B15
Requests: 9 HTTP requests in this frame

Frame: https://p.safeservingcdn.com/prebidlink/19604/j.html?i=11598
Frame ID: 63B377526CE9959B462512F7CF8715B9
Requests: 19 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Frame ID: AF1D05212FBEEB551180465C03508B4B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693794624347&us_privacy=1---
Frame ID: ED05D219A2BECC747E35928F21228399
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Frame ID: E044E435A99D2720BC51FFF5A9CC35F5
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 25464AF9083A26E3FA04AD8B6A54A52C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 828B8EC8FA7EA05FA86003B669A67A28
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 4C88E94E50AC3B5B68A89B058CE40B2F
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 269D80DCAD9C6542369AD2C006293305
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: A50B9992C3F7D1861146DB936943DE69
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 073DA827EA2B5A8A4BB6D9D32A4E1D36
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 0964CA818566416B14137164DB6A0081
Requests: 1 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: 65E6E817380008C6D02425B50997216E
Requests: 9 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: EAE33A9957D3824123A2DCAB49E1661E
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: B90F1C630CF6B2808CB2EBEBC18A70C8
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: B29052DA2C9F4B8C27347BEF0D3A5DB8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6C1E311442601B6A50A559CBBDD37A5D
Requests: 3 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657028
Frame ID: FA68BC46DEE7AA72DC959EAD1E8536CC
Requests: 1 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QKVD_BMlQcAAAMA1gAFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjKjYJkx0bgXhdwz8RJgRpzhMyvD8ZAAAAoEfhGEAhJgRpzhMyvD8pkx0JJNAxAAAA4KNw5T8w_JHNDDjwO0CYOUgCUJTPjNwBWOPHWWAAaKawZHiRzQWAAQGKAQNVU0SSAQEG8EyYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoCaXVmKCdhJywgMzg3MTg3MywgMCk7dWYoJ2knLCA3NDU4MDU1LCAwKQUULGcnLCAyMjAxODc2ORUpAHMBFRw4NzcyMzg4NBUWMHInLCA0NjE1ODAxODAFFvQ-AZIC1QQhWm51SUJ3aVV3cHNiRUpUUGpOd0JHQUFnNDhkWk1BQTRBRUFBU0pnNVVQeVJ6UXhZQUdCTGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSGMzTk1KVjEzRFA4RUIzTnpUQ1ZkZHd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCaDVySEFfVUJtcG1aUHBnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWFJRERnal8yYjB0RUFFWUFpMmFtWmstb2dNT0NQX1p2UzBRQ3hnQ0xacVptVDY2QXdsT1dVMHlPalUxT1REZ0E3UkVnQVM4eS1jTGlBVHd6T2NMa0FRQm1BUUJ3UVFBQUEBwQGMAGsRwQHEFFlCQUR4QgELDQFcaUFYV0s1QUY0NDFYbUFYc29wbUpBYWtGDR8UQThELXhCMRBAQUFBd1FVQUFBQkFNelBUUDguKAAEX1IuKAAAMgUoAQHwQ0R3UC1BRm1YYndCZEgxdndyNEJZR3A3QUdDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCdHY1Zm1xOGRPOF9xQVlFc2dZa0NRAUgJAQBFHYwARx0MAEkdDKh1QVlLLUFmNTB3ajRCLUhYQ1BnSG50c0ktQWV5X1FnLpoCmQEhMnhVVFdROlkCqE9QSFdTQUFLQUF4Ml9sLWFyeDA3ejg2Q1U1WlRUSTZOVFU1TUVDMFJFa0EJjwxEd1AxPWAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERDwXkR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL_ICEQoGQURWX0lEEgczaa8c8gISCgZDUEcBFAAIcZsBFQgFQ1ABFAAJdZoQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzc0NTgwNTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwfYADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQONzMyMCNOWU0yOjU1OTDaBAIIAeAEAPAElKGGdPoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF_xEBoAGqBSBiMDRiYzM4NjU4ZjA0N2FjMDExNTQ2NTliYmFiZmJjZMAFAMkFAUIYAADwP9IFCQFXBQE02AUB4AUB8AWCkDL6BQQBpjSQBgCYBgCiBg43NjY0IwWbIDY0MTW4BgDBBgUzLADwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI441XEoABckJPMk9sb0Hq2ERBQWtDQlFFSS1hcndDUkNEX2JBQ0dLWGx0QUlnQnlnQVFOeVE4UVJJaTRuRENsQzBSRmlQTW5R-ARBQWEIBGdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB4QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5HNBdIHDS0GBDBAAbcI2gcGAf-sGADgBwDqBwIIAPAHg8mJBooIAhAAlQgAAIA_mAgBwAjK0wLSCAYIABAAGAA.&s=7d65d1d53cd2f58cf2d8b1f0515cdb449ac0c01b&pp=0.11
Frame ID: 4A2B23C9B17750CF722732D7EB764B35
Requests: 5 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DB8A04E716AA201BF83F4F203039D31F
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3E3FCB9DA441E77C8DB05B9BA7BDB7F1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4B6D7D0B65B7028D98A571208411D9F4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: FB4A644455AB5021EBE1E12B70B7AA58
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2C015CD898BE147322A2363896352DD5
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3CE77EC4DDDBDB7BEAA54CEDAD0AEF72
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A7298272160482644129&auxuid=
Frame ID: 420E4134B4AF20F51173947C7BD3AF1E
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C437A00583A24143920116231E3545BE
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 19EDE7F03D97A41007D5FE84CFAF62BC
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D59B3FF8D0A72FC55C76775CDCBFA433
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D60F00C588C621011116139629DCD8C8
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 5E14D4C32CE9002589BFA7F4C8C8F400
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 20646370F2D9790673F69C1FEA78027F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1693794624529&us_privacy=1---
Frame ID: 9C37238A635AC2696A033CCC8CD949C2
Requests: 2 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: 8FBCE3A669CEFDDB069073667DF4430E
Requests: 9 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 1C9FAE80EB1135C8A3706733EB800983
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Frame ID: 78C46BEC461001C63F3B465F803922B2
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A25910D8ED735363A1B7347AD0C5D7CC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: B544495C1533FD83583AD530E2229714
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 732882A0CCE945EC54E078FE36F0015A
Requests: 3 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: 52FA86DE150435F8806F0158F7D14B0C
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 34538EF533EBD55FDE430733D2B66ABD
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: BF1462F533EC3293864764D26152F298
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Frame ID: C5A7EE41F1AE78FB7C86BD9CD2E92B52
Requests: 1 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QKVD_BMlQcAAAMA1gAFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjKjYJkx0bgXhdwz8RJgRpzhMyvD8ZAAAAoEfhGEAhJgRpzhMyvD8pkx0JJNAxAAAA4KNw5T8w_JHNDDjwO0CYOUgCUJTPjNwBWOPHWWAAaKawZHiV5gKAAQGKAQNVU0SSAQEG8EyYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoCaXVmKCdhJywgMzg3MTg3MywgMCk7dWYoJ2knLCA3NDU4MDU1LCAwKQUULGcnLCAyMjAxODc2ORUpAHMBFRw4NzcyMzg4NBUWMHInLCA0NjE1ODAxODAFFvQ-AZIC1QQhRjN2QXpnaVV3cHNiRUpUUGpOd0JHQUFnNDhkWk1BQTRBRUFBU0pnNVVQeVJ6UXhZQUdCTGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSGMzTk1KVjEzRFA4RUIzTnpUQ1ZkZHd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCaDVySEFfVUJtcG1aUHBnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWFJRERnal8yYjB0RUFFWUFpMmFtWmstb2dNT0NQX1p2UzBRQ3hnQ0xacVptVDY2QXdsT1dVMHlPalV4TXpYZ0E3UkVnQVM4eS1jTGlBVHd6T2NMa0FRQm1BUUJ3UVFBQUEBwQGMAGsRwQHEFFlCQUR4QgELDQFcaUFXUEtKQUY0NDFYbUFYc29wbUpBYWtGDR8UQThELXhCMRBAQUFBd1FVQUFBQkFNelBUUDguKAAEX1IuKAAAMgUoAQHwQ0R3UC1BRm1YYndCZEgxdndyNEJZR3A3QUdDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCdHY1Zm1xOGRPOF9xQVlFc2dZa0NRAUgJAQBFHYwARx0MAEkdDKh1QVlLLUFmNTB3ajRCLUhYQ1BnSG50c0ktQWV5X1FnLpoCmQEhMWhXblZ3OlkCqE9QSFdTQUFLQUF4Ml9sLWFyeDA3ejg2Q1U1WlRUSTZOVEV6TlVDMFJFa0EJjwxEd1AxPWAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERDwXkR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL_ICEQoGQURWX0lEEgczaa8c8gISCgZDUEcBFAAIcZsBFQgFQ1ABFAAJdZoQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzc0NTgwNTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwfYADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUxMzXaBAIIAeAEAPAElKGGdPoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF_xEBoAGqBSAwNDUyMmY4MGI1M2M0MTIyZTg5N2ExZDYwNTEzYjhlOcAFAMkFAUIYAADwP9IFCQFXBQE02AUB4AUB8AWCkDL6BQQBpjSQBgCYBgCiBg43NjY0IwmbHDAxM7gGAMEGBTMsAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjjjVcSgAFweFBXT1ZvQerYREFBa0NCUUVJLWFyd0NSQ0RfYkFDR0tYbHRBSWdCeWdBUU55UThRUklpNG5EQ2xDMFJGaVZKM1H4BEFBYQgEZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gAHhBLi6ABwGIBwCgBwG6BwgqBDEtLS1AAcgHleYC0gcNLQYEMEABtwjaBwYB_6wYAOAHAOoHAggA8AeDyYkGiggCEACVCAAAgD-YCAHACMrTAtIIBggAEAAYAA..&s=76a50e03ed08ef7c3f3d1d019caf7b827b9a2789&pp=0.11
Frame ID: DA3638FEFBE05CC86BD93138936FE9BF
Requests: 5 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: 1BA37DB03DAF2F2BE7D6EAD17ABAC005
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Frame ID: ACC7E2CE471F935601179D67EDCD5508
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C8B8BC9EF69A7E085ED7EF4D04C698C5
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: E255FA8BFC594B5BF5379CC577BDD286
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 0D59F898E7CE5FA973B180AACC6D5E1F
Requests: 1 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A7298272160482644129&auxuid=
Frame ID: F65B9964C36DDAF16F354F2A6E45A005
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 781DAA350EF55B365263900E371948F5
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 31696545A0FB1915A0149C6C5DF0A0EC
Requests: 10 HTTP requests in this frame

Frame: https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=1055072647&apnauc=1394488214963540437&bidid=1394488214963540437&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=62b70b462f96402e750fa289100f32ab25ef6422/bcr=AAAAAAAA8D8=/cnd=%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjU1OTA=/bn=91793/clickenc=
Frame ID: 76655BCABF17E63BE9E43DDC228B1763
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Frame ID: DC0B058C2A0C9266983D46B565F2EA7A
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: CDD3AA831F4E74C1FCDED0183D348362
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152media
Frame ID: E83B14C2DA2E62B79F03C9F06BB0AFBB
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Frame ID: 674F2C2DAB4BCBD3FD9F7F46FE060945
Requests: 3 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 963FB1E58E57C02B709A177AB321D2C0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: 4AF22AACCF194803B7A24FB48AA1DD0F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A1D2AD695696920FC82AC80FD40B64AF
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=818364304&apnauc=6702190739669195407&bidid=6702190739669195407&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=9a6224c8146022cc29362a1f7d0f14dcc191a041/bcr=AAAAAAAA8D8=/cnd=%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjUxMzU=/bn=45845/clickenc=
Frame ID: 708DF69CBB5D01BB953E15CE1F17652B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Frame ID: 124D7B01042FDFF63F1402CBA946F667
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 73872E87E523CC1F36412E8242EB6C1A
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 5B0651B6718F0893D4892E72ED8FDCB1
Requests: 10 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 57FB26EF9E25E5145C56263607B4F08F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Frame ID: 8A7035A9D85F471D4F897522B2430945
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/152mediaweb
Frame ID: FBE12E6B73346B9D295A4AD237768E46
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: 7262EC66B7C27CF1EBA95B3D0554D9E9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Frame ID: F18E7735A44C5326780D038559AA88BD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: FB8CADCF6D736B0D4114F5A119A67219
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: BD8DA2B201215E93137B49DAA40B0011
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 6AF73F50A6924A00A9C952D86148DE84
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 568A7493B1F2F9DEE9AEF6E98C8AADEB
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2038F6C3703548ADAB650246A667E9C3
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: E0AF57E1C4F9C30C47103B3314EFF4BA
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 25CB71592071D031DCFE282E1001CDC1
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: 2D09689EA01C8C18B4D46D353A2E44E2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 92EDA009DE07DDDA9E5ECC4EA4582D17
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 3BCD35D16F729818CAE75BBECB43C1CF
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 57F483502A5FC15CE8E86A9EE5E0A63B
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 043E76E2A67A0A75A44306A58FA76C7F
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 4387289B60345E862FC124592CEDD699
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F4D4B35734870BF1A0DE2B78684E8A69
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 7171561D37384CEEDFB1FE6A51E0EB6E
Requests: 1 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=1394488214963540437&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D62b70b462f96402e750fa289100f32ab25ef6422%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjU1OTA%3D%2Fbn%3D91793%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=1394488214963540437&_cb=1055072647
Frame ID: 70A0C1897AEF059FF0E3572B38601760
Requests: 3 HTTP requests in this frame

Frame: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Frame ID: 4D88E55D735657F1B8F3AFCF2FD05DD4
Requests: 3 HTTP requests in this frame

Frame: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=6702190739669195407&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D9a6224c8146022cc29362a1f7d0f14dcc191a041%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjUxMzU%3D%2Fbn%3D45845%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=6702190739669195407&_cb=818364304
Frame ID: 42ACD9BC9568305A9F6BBEDB34217851
Requests: 3 HTTP requests in this frame

Frame: https://20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E86FB2D1D675A3B995B1BB45CADB71D4
Requests: 1 HTTP requests in this frame

Frame: https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=45888
Frame ID: 505E018DD279FD33AD1E7A684F335A1E
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 9BE9C7F1A42AECAE3949922132257CC1
Requests: 10 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Frame ID: DAA2F4B49BF5C53B6110FECE6A824B27
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Frame ID: 2B55BF8C40A61056A21BEEA8B64B8A79
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: FF26E46CF67C8A9B5EEE8B67CBB7F49B
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Frame ID: 695EC462707C6D6370FB5F7151D135C6
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 6A99C258103A2A2BB98CBDBD8D7B340F
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.shefinds.com
Frame ID: 80FC68E268B6C4E0845EEE7B1F46CF49
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.shefinds.com
Frame ID: 68E1493D4B8B1ECC5AFAE03C6EB3CEDD
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: F046EBD90D038D6FEA464B4D6B781E31
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 63DE7EB9F3C1565910E58AEAD0CEE3A9
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 2D1F18C2C11A72469AB0D24F1EB944CF
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 0DE340D99C26A9FF21D5738493E0F013
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: D98A84F3F9B061740A439F1C7881BD5F
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuH9wkUJaKYYBjTqF4JMIr5gb0_GdwY37FlKufkcLhR6eIWtgMmxxsPvxY0MC7rJXt1HINqMXF0KTUAquEhzdJriM8RkUHSKm-_MLCFgPrm8rz9pY_5tp18416jYysmUvvzJG8aBfD-AEA1eb9A5DrTEgeNIFm7iFMuNlZ8VRGxR342l4uqa8rWLybWTWd6i8iR8ksPPerccdsEAlAfKVEbqD7XZjyenLvbNzbNtAZjPHBzlFPXY0EggV_ShB4RctCXs7yUG_nC09NIpnZ-qIK9offpkmlnJywN7ScPjbiXdtnc2ANcN0oq0CFfZ2BUJLXNnPscse12AJfhuAxURGaE1MbUwDAIKwEjw&sai=AMfl-YRCaiWqjGPTc-ts4-v2bljOxpvLOymwe3vIQSDSd0zn7mhLuWJBYWNplcvBtjN6C-fbE_kzjK4WxDcORH_BK9D6ubCKTG8CyqOrSu1szoz0sTNjFRRhKCZ5EH4qH2M&sig=Cg0ArKJSzMg_I94S3KnzEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 155967CC9E798F02BBED95F0BA3D2BA8
Requests: 17 HTTP requests in this frame

Frame: https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 4AF12EFFE6DE72052CF6F620BF724D41
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: 83565DE3ACA0213D50C3EFB8BF8F4CFA
Requests: 7 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: CC19A46A7345F819E884D2FB2D9F4670
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 93D9F744D4D34821533E33B9B2870EA9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 33307ED1EA1130DB1E56C87B571BE9AE
Requests: 2 HTTP requests in this frame

Frame: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Frame ID: 15E675D8D68532F8301AF47C2BE886D7
Requests: 33 HTTP requests in this frame

Frame: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Frame ID: 2CAF50BF748236A23B10CDE8FC0B8B0E
Requests: 33 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: BFE670DF98BA9E3E054E4D26B839C10B
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 7A0C6F2B1AA0117AA87F55A28AC604EA
Requests: 2 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: A0AE3CF1939C749ADE0377EA66A42B9F
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: EBF5469B624C898A39FD7436940FE2E0
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 56496E1670EDCCD689792CB6267DEC68
Requests: 3 HTTP requests in this frame

Frame: https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QLRDvBMUQcAAAMA1gAFAQjEgtWnBhDIy-WNw_uRk2AY-6PpjMqS55gjKjYJKVyPwvUozD8RyCk6kst_yD8ZAAAAoEfhGEAhyCk6kst_yD8pKVwJJNAxAAAA4KNw5T8w_JHNDDjwO0DMFUgCUJe0z8wBWOPHWWAAaKawZHjtygWAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDIyMzU2MzAsIDApOwEULGknLCA4MjA0OTM2LBEULGcnLCAyMDg0MzMyMhUVAHMBFRw4Mzk3MDkzOBUWMHInLCA0MjkxMjAwMjMFFvR1AZICqQUhR1lHTW53amJ0OUlhRUplMHo4d0JHQUFnNDhkWk1BRTRBRUFBU013VlVQeVJ6UXhZQUdCTGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUNxQUVDc0FFQXVRRXByWC1uOWlqTVA4RUJLYTFfcF9Zb3pEX0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCaU9YMEFfVUJBQUJBUUpnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWFJRERnaUtqS3dxRUFJWUFpMEFBQUFBb2dNT0NQN0c3aTRRQkJnQkxVS2ZfRGlpQXhNSXZxdjNMUkFLR0FFdHI2a0VRRElEZFc1eG9nTU9DSXFNckNvUUN4Z0NMUUFBQUFDNkF3bE9XVTB5T2pVME9EUGdBN1JFZ0FTRjJ0QUtpQVMtMjlBS2tBUUFtQVFFd1FRQUFBQUFBAfgETWsR9QH4BFJCAQcwQUFBZ0JwQTJBUUE4UTEhUEFBQUlnRjZ5cVlCZnFhdEljQnFRVQEWATgQd1A3RUYBCgkBCERCQh03AHkuKAAAOTIoAABaFSjAUEFfNEFYd3F3SHdCYnFXLUFuNEJlNjVpQUdDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCZwlqMEFBaEFxQVlFc2dZa0MddABFHQwARx0MAEkdDPBDdUFZS3lBY0E0QWNENkFjQThRY0FBQUNnbVptNVBfZ0gtZE1JLUFmaDF3ajRCNTdiQ1BnSHN2MEmaApkBIWNSTGFCQWo2rQIoT1BIV1NBQUtBQXgRn1hDRUE2Q1U1WlRUSTZOVFE0TTBDMFJFaw0fDER3UDE9gABGERgMQUFBRx0YAEcdGABIDRggSUFhUUhnQWlRDRABTPBpdy4u2ALK0wLgAoutPOoCPmh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2Uv8gIRCgZBRFZfSUQSBzIyMzU2MzDyAhIKBkNQRwEUCAgyMGnvARUIBUNQARQACXXuEPICDQoIAT4YRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEAB414APIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fB9gAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDj_Qj4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQLOTYuOS4yNDkuNDWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA4yNzY0I05ZTTI6NTQ4M9oEAggB4AQA8ASXodl0-gQSCQAAAGB_cUVAEQAAAAAiuVPAiAUBmAUAoAX_EQGgAaoFIGRlN2JjMDE4ZmJmNmM2ZDkxODk5NTg3YWE2MjE5MjMwwAUAyQUBQhgAAPA_0gUJAVcFATTYBQHgBQHwBcOCCvoFBAGmKJAGAJgGALgGAMEGBSIsAPA_0AaYCtoGFgoQCREZAaAQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgH7coF0gcNCREzATEI2gcGAWisGADgBwDqBwIIAPAHg8mJBooIAhAAlQgAAIA_mAgBwAjK0wLSCAYIABAAGAA.&s=b8fc16b08c6dd578bc0176370ff1713dc3dfeb13&pp=0.191
Frame ID: ECE4B47CAD08879D3BC8A67EA91A1F25
Requests: 7 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Frame ID: 026B9066376BA31B7F9638E1729687A3
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 729F6E9163F7F48CBB6D1BE8FE7A1301
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 9B8695C0917BDB845A6908E8BA98FECF
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: 2E5086020D67ACD392A302974FC2A4DB
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DB7B26C21A0CB56C7FB41D4C74CC8FA9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 117FBF2D0DD0871458A2057BF6101A61
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: DB14F539A04D0ACA1FF17FB77C6C554E
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 7E67FDE5BFA0BB4707379431B956A6F7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Frame ID: 0FC6DA4923BE8E8EFCA1847099F503EB
Requests: 3 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Frame ID: C02FD53F964403244B1FA74B20317908
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Frame ID: 5153F5B235C28AE1685951F7569EECEE
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 46DEACBEC168F54AD13EDAF6B1CAB928
Requests: 2 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Frame ID: AD7AA70CAF5CEAF72FE2419EC9F7972A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Frame ID: B43E86FDD443078D1DB07090683FA8A1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 8027602B8B66D7D501F4AD2867D9BD2F
Requests: 2 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: DF851941C3680459C3BD2EA7A7954E68
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: BAC2ACB84DED2AAB0A407054C055509E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.deepintent.com/syncpixel.html
Frame ID: 9AEB50F2612252DA41291C33153B2DEA
Requests: 9 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Frame ID: ED85B2C7C4CB18DA620C25B47B45C442
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3FEA9916AC44CFB13FC6499A04156840
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 8A379785898059389981C305B3577A9D
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Frame ID: 0384A480DFDBF401D5000005E94475AA
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Frame ID: A2A772B5F776F7720F63345D2B701B13
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Frame ID: 25A478FB90F08FB9CCB20FE0E29D4884
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Frame ID: 4B76085459BEC0ED49862036B372CA86
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: BFEF5361BA61FA6800E6EA7E4E079039
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: 162E11AB98F14D558613AA7C26141140
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Frame ID: 384F660896B886C47EECB0412097AA0D
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 86B14F283D541CD9ADD4C70E28106D79
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1B6B58593A1340C6D6E5A712BE7BE17A
Requests: 10 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=9fd3cc4d3cedab82560fbe2690ba4bec
Frame ID: F0A5E99B8A18EAD07EB805F93D825002
Requests: 6 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=9fd3cc4d3cedab82560fbe2690ba4bec
Frame ID: 9023B42B64A2CF00D2FA9F4A8793F505
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 59567129778F0D655320EBEC92081B35
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: B481BC695A08C9713A4D33DBA706407C
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 9596D8AB333607EAA04766A32590ABD0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: E82E70737A7415FEF58B8D387DA68B2E
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 1CB79D8F909E62B4157438D190CAB622
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.shefinds.com
Frame ID: 1A7D29E68AE1EC0B2D87BECF2653E10E
Requests: 2 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 1C13E7BD08FDAC2002CB4326CA5A0EC3
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: 4D128247DB80C7DE6006C6BB520BB679
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Frame ID: C8051D47B3B68AC430079DAFDE104484
Requests: 2 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: FA73AD5F9C064103F583567594E6AD6A
Requests: 7 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=9fd3cc4d3cedab82560fbe2690ba4bec
Frame ID: 14D7ABDF7A96629CBC944B226889934C
Requests: 5 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dpubmatic
Frame ID: 557CBC29889529FBC6C9A003C55BBA7C
Requests: 1 HTTP requests in this frame

Frame: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&pi=vidoomy
Frame ID: C22B56876F62E2597AC73299BBC940BC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 811C5C02A5F473A47AC06E70F5D4946C
Requests: 1 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=pubmatic
Frame ID: 2CA82DB8FA4AB4E1347AAA806C92942A
Requests: 1 HTTP requests in this frame

Frame: https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Frame ID: 6D4A8E88C69EAB78C9343E0E985A2263
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 6784811084290FF3005610C3C1A712BF
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 1482CFFC8404C55BE5F6773FE5D68100
Requests: 6 HTTP requests in this frame

Frame: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Frame ID: 90A2908DB6F6CAF5891D282736A809A5
Requests: 6 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dpubmatic
Frame ID: 010373423507671965E760F3464A76BC
Requests: 1 HTTP requests in this frame

Frame: https://a.vidoomy.com/api/rtbserver/pbscookie?uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=pubmatic
Frame ID: BFE3BBCBFC1E69D28C8846C822D3CECB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Shoppers Slam Walmart For Packaging Change: ‘Heading In The Wrong Direction’ - SHEfinds

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 10%
Detected patterns
  • basket.*\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

2743
Requests

71 %
HTTPS

23 %
IPv6

241
Domains

437
Subdomains

286
IPs

16
Countries

29684 kB
Transfer

69337 kB
Size

564
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/945068
Request Chain 32
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757488
Request Chain 33
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757538
Request Chain 34
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757540
Request Chain 35
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757483
Request Chain 36
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757539
Request Chain 37
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web&cs_uid=57cf3fabbebe8b48be08a043e9d1c230 HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/945062
Request Chain 38
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web HTTP 301
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web HTTP 303
  • https://images-prod.powerinboxedge.com/v3/images/3682/757480
Request Chain 39
  • https://stripe.rs-stripe.com/branding/recommend/short.png HTTP 301
  • https://branding.revenuestripe.com/recommend/short.png
Request Chain 76
  • https://cdn.keywee.co/dist/analytics.min.js HTTP 301
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Request Chain 204
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=2535980227366638075&gdpr=0
Request Chain 205
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001693794608-24SKF765-H653&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001693794608-24SKF765-H653&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&id=AU1D-0100-001693794608-24SKF765-H653
Request Chain 206
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693794608-24SKF765-H653 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693794608-24SKF765-H653 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&id=AU1D-0100-001693794608-24SKF765-H653
Request Chain 208
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001693794608-24SKF765-H653&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001693794608-24SKF765-H653&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001693794608-24SKF765-H653%252526tapad_id%25253Df3a6c746-4028-425d-8997-c0b7dc5b7eac%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001693794608-24SKF765-H653%2526tapad_id%253Df3a6c746-4028-425d-8997-c0b7dc5b7eac%2C HTTP 302
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693794608-24SKF765-H653&tapad_id=f3a6c746-4028-425d-8997-c0b7dc5b7eac
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001693794608-24SKF765-H653 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001693794608-24SKF765-H653&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693794608-24SKF765-H653&google_gid=CAESEF1gNzabfGFrQvDM79DwGW0&google_cver=1&google_ula=450542624,0
Request Chain 211
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0
Request Chain 213
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26unruly_id%3D%5BRX_UUID%5D&cb=1693794608612 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26unruly_id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001693794608-24SKF765-H653&unruly_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 249
  • https://sb.scorecardresearch.com/b?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693794608781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&c8=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693794608781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&c8=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&c9=
Request Chain 280
  • https://idsync.rlcdn.com/712559.gif?partner_uid=360bc6e7-ada9-4f46-ae29-aed96e573ae7 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDM2MGJjNmU3LWFkYTktNGY0Ni1hZTI5LWFlZDk2ZTU3M2FlNxAAGg0IsYLVpwYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&rand=02100776 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&rand=02100776&expected_cookie=93c08194-3d91-46a2-80fc-731e86df6a32
Request Chain 335
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=shefinds.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=4-GJh3xFaSt0U25DMmRYMTl2Vit4OFRSUUUrbEZ6MHB3UXA5bTVFeG9NeUtHUEREeVFKeGxHUzVvOGZaeVJiOEU3NGpvME5qNmQ3cGFZVWdQWDU4UTExamdTUDhMNzFIL0JGWTd6UmZ6STVmbDhxNWFtUlpGYU1tZ0dISzMraS9ZRlRORy94WXhOU2tmQmxBU0VLY3h0bWJUVW50TUpCUVlFbjhHVUs4YnlManIwcUxoYytrVWRnSlFRSjdTSlNOT3hOdG1iQm9JbmVybERYQ1hRUXpvQXc5RCtwWHdkdDVzQjh6ZjgvVHRxOTFYYnRDOGhxTjZZMlROeFlKSm94YmVETFltQ1h1RGY0aXk3Z2lzZzdjSkdlVWZOQT09fA&cppv=2
Request Chain 345
  • https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1--- HTTP 302
  • https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Request Chain 346
  • https://api.viglink.com/api/sync.gif?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1--- HTTP 302
  • https://ce.lijit.com/merge?pid=8008&3pid=77fe38b6038d847d6ee7e82402330055 HTTP 302
  • https://ce.lijit.com/merge?pid=8008&3pid=77fe38b6038d847d6ee7e82402330055&dnr=1
Request Chain 433
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22articles%22%7D HTTP 302
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22articles%22%7D
Request Chain 445
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=8ccb80fc75
Request Chain 446
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=7130330984 HTTP 302
  • https://sync.1rx.io/usersync/turn/3723847017943428256?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://ce.lijit.com/merge?pid=97&3pid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 447
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367962136634934000V10
Request Chain 448
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=e5563551d8
Request Chain 450
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=C14E48D5177140E2A6F7C142966EB206&ex=simpli.fi&status=ok
Request Chain 454
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 457
  • https://cs.admanmedia.com/e1edfb9aa2a9066a203a7fce17c3a388.gif?puid=[UID]&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dacuity.com%26id%3D%5BUID%5D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=acuity.com&id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 458
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 461
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=990277896830277133&gdpr=0&gdpr_consent=
Request Chain 462
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7502a35ba4dc22c0&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGxnXd9PrYuQMpHvCOAAAAAAA&expiration=1693881013&is_secure=true
Request Chain 469
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TdmJjcmQ1RTJ1TFRZQUEwNHNXY0VGRWExMHc3RHB2Vn5B
Request Chain 471
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=2535980227366638075&ex=appnexus.com
Request Chain 472
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com HTTP 301
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Request Chain 477
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4187545677285024608258
Request Chain 481
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 482
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1 HTTP 302
  • https://ce.lijit.com/merge?pid=86&3pid=BfCE3hDnG2SOJFTOP3fi&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Request Chain 484
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=83&3pid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 485
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=637533945 HTTP 302
  • https://sync.1rx.io/usersync/turn/3723847017943428256?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 489
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=2535980227366638075
Request Chain 490
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dgumgum2%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=2rXqQK-ghAmlXHnsEuU10 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 491
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Request Chain 492
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=7138e634-8278-0d73-3f20-722368677cad
Request Chain 493
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Request Chain 494
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Request Chain 495
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=9be4ed3c-c4eb-4966-94aa-5a7f63709496
Request Chain 497
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=7OtLpfSYGeURan-VWWev&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHU3U65CMOBTFGWKHMVKVEYLOFVLFOV3FOY HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHU3U65CMOBTFGWKHMVKVEYLOFVLFOV3FOY HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=7OtLpfSYGeURan-VWWev
Request Chain 498
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 499
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=y2aI2Ueo8q3c&ev=1&pid=558355
Request Chain 500
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Request Chain 502
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U3JiMTdWZXV2UnNlUzlDQlljTUFodw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEIgnvoTzmM4Y6KdLZSovT0A&google_cver=1
Request Chain 503
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=53c6549163901312&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMo9ZT9AivRgMbWMZcAAAAAAA&expiration=1693881014&nuid=&is_secure=true
Request Chain 505
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness%252522%25253A%252522%252522%25252C%252522brands%252522%25253A%25255B%25255D%25252C%252522fullVersionList%252522%25253A%25255B%25255D%25252C%252522mobile%252522%25253Afalse%25252C%252522model%252522%25253A%252522%252522%25252C%252522platform%252522%25253A%252522%252522%25252C%252522platformVersion%252522%25253A%252522%252522%25257D&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Request Chain 506
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8629%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/8629?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9&uid=2535980227366638075 HTTP 302
  • https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F8629%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Request Chain 507
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Request Chain 508
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT] HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=990277896830277133&gdpr=0&gdpr_consent=
Request Chain 509
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=tBqhGL_SEgdE6TJQpXUm
Request Chain 510
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=ad3c3e1d-5562-463a-9909-5fe7873052b0
Request Chain 511
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=4187545677285024608258
Request Chain 512
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 513
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dminutemedia%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dminutemedia%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=1355595760542239250 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&ssp=minutemedia&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 514
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Request Chain 515
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzWZQZHTprevADoQOeL11M1
Request Chain 516
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21483&id=82F235EFF1234674BB5C958FB6785F44
Request Chain 517
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=451940539 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3175ac58-0d9d-47aa-b429-d8f42e050f30 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 518
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=d99fc1948fa396f0fdd7e4c9f13a0c3a
Request Chain 519
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212166994878779
Request Chain 520
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 521
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=2535980227366638075
Request Chain 523
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 524
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=1f5ca040-d5ff-0a71-20c3-7b39e034f70e
Request Chain 525
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Request Chain 526
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Request Chain 527
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-8977760028884871190 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Request Chain 528
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID%25%25 HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Request Chain 529
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 531
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPVBNgANs6j7wQAb&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb
Request Chain 534
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 535
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPVBNsCo8YsAANAJGzcAAAAA
Request Chain 536
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1 HTTP 302
  • https://sync.bfmio.com/sync?pid=106&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 537
  • https://ad.turn.com/r/cs?pid=60 HTTP 302
  • https://sync.bfmio.com/sync?pid=169&uid=3723847017943428256
Request Chain 539
  • https://ad.mrtnsvr.com/sync/beachfront HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D187%26uid%3D%23PM_USER_ID HTTP 302
  • https://sync.bfmio.com/sync?pid=187&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 540
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=124&redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D181%26uid%3D%7BuserId%7D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=124&redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D181%26uid%3D%7BuserId%7D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553%26partner_url%3Dhttps%253A%252F%252Fsync.bfmio.com%252Fsync%253Fpid%253D181%2526uid%253D114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&partner_url=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D181%26uid%3D114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553 HTTP 302
  • https://sync.bfmio.com/sync?pid=181&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Request Chain 541
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/ac6b8db2f2104a35e5e958a985a42a245dc5024e HTTP 302
  • https://sync.bfmio.com/sync?pid=157&uid=y-ckVmJTJE2pKi4v2wCdSfjOoWXITkVl9TAwcsDQKOsw--~A
Request Chain 544
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Request Chain 549
  • https://match.adsrvr.org/track/cmf/openx?oxid=86054244-aa6d-3525-585b-62cea0377deb&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=86054244-aa6d-3525-585b-62cea0377deb&gdpr=0&gdpr_consent=
Request Chain 551
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBhmj8Gl3CnInOe4ArLdqzE&google_cver=1
Request Chain 552
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 553
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum&tc=1
Request Chain 554
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 562
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21144%2C21967%2C32745 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32745
Request Chain 564
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=2535980227366638075
Request Chain 566
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-i9UQTq5E2uELVMrWy5FC9mIv3yPy6I5T~A
Request Chain 595
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an HTTP 302
  • https://ads.yieldmo.com/v000/sync?userid=2535980227366638075&pn_id=an
Request Chain 596
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8800397970 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/3175ac58-0d9d-47aa-b429-d8f42e050f30 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 597
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&redir=true&gdpr=-1&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CYmr9kdE2uUQVVHZ9BoBh45BkvRl5Po-~A&gdpr=-1
Request Chain 598
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3Rc7eqqnn7qauKa1vxIi HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 600
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 601
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&expiration=1696386614&gdpr=0&gdpr_consent=
Request Chain 603
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
Request Chain 605
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
Request Chain 607
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=fae2f914-4aca-11ee-872e-d4bc0acdf791
Request Chain 609
  • https://id5-sync.com/i/1173/8.gif?id5id=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA&o=api&gdpr_consent=undefined&gdpr=false HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/1173/108/7/2.gif?puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/k/264.gif?puid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=%%TTL%% HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F5%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/1173/124/5/4.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1173/429/4/5.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F1245%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/1173/1245/3/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/1173/429/2/7.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Request Chain 612
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 614
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D HTTP 307
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=82F235EFF1234674BB5C958FB6785F44
Request Chain 615
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.63%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=6844619947 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2069.63/d0a664f5-4137-4e00-931c-0b407a189fe2?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 616
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11587&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Request Chain 617
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2535980227366638075&gdpr=0&gdpr_consent=
Request Chain 618
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 619
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 620
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 621
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2136%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8931085338 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2136/d0a664f5-4137-4e00-931c-0b407a189fe2?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://cs.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 622
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Request Chain 623
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Request Chain 624
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=6e055ed2-7d82-0860-131c-3e5c819ea9a8
Request Chain 626
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11600&id=990277896830277133&gdpr=0&gdpr_consent=
Request Chain 627
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=cd5832ec7545d1929e5a56aa36bc4714&gdpr_consent=&gdpr=0
Request Chain 628
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212166994878779
Request Chain 637
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 638
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
Request Chain 639
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
Request Chain 640
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386615
Request Chain 641
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Request Chain 642
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 643
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Request Chain 644
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 647
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
Request Chain 649
  • https://idsync.rlcdn.com/403716.gif?partner_uid=24td0frjcg4v9teczygazdi3f HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3c33d22-672a-0345-0722-e23d99ac1c33
Request Chain 651
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
Request Chain 653
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
Request Chain 655
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gv0Pkl8ylM3jEHy7eUHrkkv5KBUpI9A
Request Chain 657
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UnQfgXgGT-1dhLV1H2TeKSBjUMSLTx6J2xtHOc4ji4E
Request Chain 659
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
Request Chain 660
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
Request Chain 661
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6cad4a6ed2a61312&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHSvoE9Y8frANuCnNmAAAAAAA&expiration=1693881016
Request Chain 663
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 671
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Request Chain 686
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pq1aO2f_TUOvJNKY-3_I-A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 687
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Df3a6c746-4028-425d-8997-c0b7dc5b7eac%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2535980227366638075&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
Request Chain 690
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTZBRDVBM0ItNjdGRi00RDQzLUFGMjQtRDI5OEZCN0ZDOEY4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 691
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECgGmkStI0186o2kh9a1bIk&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 692
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C14E48D5177140E2A6F7C142966EB206 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 693
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8%26gdpr%3D0%26gdpr_consent%3D&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Request Chain 699
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LM49KSCX-B-B1NA&ex=d-rubiconproject.com&status=ok
Request Chain 704
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 705
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
Request Chain 706
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 708
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Awvm-QEOs_wYW7WtDV2t-QdbtPUYC7itAw2ByIc_
Request Chain 709
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
Request Chain 710
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=990277896830277133&gdpr=0&gdpr_consent=
Request Chain 711
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C14E48D5177140E2A6F7C142966EB206
Request Chain 724
  • https://id5-sync.com/s/441/9.gif?puid=u_b76a9c6d-ab0e-435a-b768-ba9a61dc1746&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/8/2.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/6/4.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/2/4/6.gif?puid=2535980227366638075&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F3%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/3/7.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1242/2/8.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1245/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=2535980227366638075&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Request Chain 725
  • https://id5-sync.com/s/441/9.gif?puid=u_017cfd6a-dd63-4621-b627-954b35116c57&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/6/4.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/4/6.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F3%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/3/7.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F2%2F8.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/2/8.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F1%2F9.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/203/1/9.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Request Chain 726
  • https://id5-sync.com/s/441/9.gif?puid=u_4a990b08-80d1-4e1c-9709-3dbc6e70f9d8&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/8/2.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Request Chain 727
  • https://id5-sync.com/s/441/9.gif?puid=u_ef8d98f2-3baa-43df-8cea-6d3fd117ec85&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/3/8/2.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F6%2F4.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/796/6/4.gif?puid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F4%2F6.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/4/6.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Request Chain 728
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image HTTP 302
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PxmqKPZY&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 729
  • https://id5-sync.com/s/441/9.gif?puid=u_68349139-9c19-44e9-9322-22e0e06dbb28&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent= HTTP 302
  • https://id5-sync.com/c/441/434/8/2.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F6%2F4.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/796/6/4.gif?puid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F4%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/441/429/4/6.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1242/3/7.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1245/2/8.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/441/1242/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Request Chain 746
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GxqrXdrQ0MorVmoK7vQx966YYQ7fydQ
Request Chain 747
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=47fde4976c982394&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwEgNSK9XWAAAAAAA&expiration=1693881017
Request Chain 748
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
Request Chain 749
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 750
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
Request Chain 752
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
Request Chain 753
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 754
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
Request Chain 755
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
Request Chain 756
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 757
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 758
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ad3c3e1d-5562-463a-9909-5fe7873052b0&ssp=onetag&gdpr=0 HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 760
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU1NDkwYmIwNzU5NWJhMjdmZGJiNWQ2ZDY0ZDk2MGNkMTY4NzVmOA
Request Chain 761
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://tags.bluekai.com/site/5386?id=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai HTTP 302
  • https://tags.bluekai.com/site/5386?id=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 762
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XRA4ZgoN0hN8uMulAifJ8Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7mvw8n1E2oKZjihDDJd_hboUJ.tXDGJmBTL6_Q--~A
Request Chain 763
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3f0s6E8rQNCPaZcv8l8qqQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3f0s6E8rQNCPaZcv8l8qqQ
Request Chain 764
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGArZ5xj4ruQi3Ust2Adf0o&google_cver=1
Request Chain 766
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM49KSCX-B-B1NA
Request Chain 767
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE00OUtTQ1gtQi1CMU5B HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIFNhQJXk6CXGcgKkV2HVS4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OUtTQ1gtQi1CMU5B&google_push=
Request Chain 776
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 777
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NzU0NTY3NzI4NTAyNDYwODI1OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 778
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDzrjc7s5o4CpC7Uju4puCI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 779
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NzU0NTY3NzI4NTAyNDYwODI1OA%3D%3D
Request Chain 781
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4187545677285024608258&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2bdc259d-04e5-4b52-a832-28365078b2a0&ssp=triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=2409&xuid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 782
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4187545677285024608258?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-si_nq5NE2oTiO3VfwC_KnRhsm1uh0SaQ5vLyeRlRxg--~A&dongle=0883
Request Chain 784
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
  • https://eb2.3lift.com/xuid?mid=2711&xuid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 785
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2535980227366638075&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 787
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM49KSCX-B-B1NA
Request Chain 788
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LM49KSCX-B-B1NA
Request Chain 803
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&us_privacy=1--- HTTP 302
  • https://match.justpremium.com/match/gg?jp_uid=r-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113&ex_uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Request Chain 806
  • https://idsync.rlcdn.com/403716.gif?partner_uid=24td0frjcg4v9teczygazdi3f HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGOuwZ3rPhtnTP6gSco4Wpc&google_cver=1
Request Chain 808
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 809
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
Request Chain 810
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
Request Chain 811
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386617
Request Chain 812
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Request Chain 813
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=-1&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=15baa7636bd61487&is_secure=true&networkId=17100&version=1&nuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=-1&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMo9ZT9AiwLAN9sdcnAAAAAAA&expiration=1693881017&nuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&is_secure=true&gdpr_consent=&gdpr=-1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 814
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Request Chain 815
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 818
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=24td0frjcg4v9teczygazdi3f HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=24td0frjcg4v9teczygazdi3f&xl8blockcheck=1
Request Chain 830
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Request Chain 833
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1 HTTP 302
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Request Chain 834
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 307
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Request Chain 837
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Request Chain 838
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=y2aI2Ueo8q3c&ev=1&us_privacy=1---&pid=562983
Request Chain 840
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID HTTP 302
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2535980227366638075
Request Chain 841
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=990277896830277133
Request Chain 842
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TDF5XXK5DCOJQWS3R7MNUGC3TOMVWHK2LEHV2EE4LII5GF6U2FM5SEKNSUJJIXAWCVNUTGK6DDNBQW4Z3FHVZWKZLEORQWOJTHMRYHEPJQEZ2XGX3QOJUXMYLDPE6TCLJNFU&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TDF5XXK5DCOJQWS3R7MNUGC3TOMVWHK2LEHV2EE4LII5GF6U2FM5SEKNSUJJIXAWCVNUTGK6DDNBQW4Z3FHVZWKZLEORQWOJTHMRYHEPJQEZ2XGX3QOJUXMYLDPE6TCLJNFU HTTP 302
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=tBqhGL_SEgdE6TJQpXUm&gdpr=0&us_privacy=1---
Request Chain 843
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 844
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54d10197-cb46-413a-91f9-8e6ea8d9de90&ssp=seedtag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594155179152629092&ssp=seedtag&gdpr=0&gdpr_consent= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
Request Chain 846
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F HTTP 303
  • https://id5-sync.com/s/286/9.gif?puid=3cef9c40-0887-435c-b965-1zz1693794609&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/796/8/2.gif?puid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/286/124/7/3.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/286/429/6/4.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/2/5/5.gif?puid=2535980227366638075&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy= HTTP 303
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9 HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1245%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1245/3/7.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F3%2F2%2F8.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/286/3/2/8.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1242%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1242/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=2535980227366638075&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/286/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Request Chain 848
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 849
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 850
  • https://ups.analytics.yahoo.com/ups/58427/occ HTTP 302
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 852
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID HTTP 307
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzWZQZHTprevADoQOeL11M1
Request Chain 853
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D HTTP 302
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=d45c1b12-73d6-01f0-0ec2-d10ac0d48d5b
Request Chain 854
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid= HTTP 302
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkd002e9cdf4304d528c3cc18839fc8eac
Request Chain 855
  • https://creativecdn.com/cm-notify?pi=seedtag HTTP 302
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=BfCE3hDnG2SOJFTOP3fi&pi=seedtag
Request Chain 856
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120 HTTP 302
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU641abfc9db6847f0ab54e557609fb367
Request Chain 857
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e41e7122-527b-422a-9179-0dca1a6ecede&ssp=gumgum2&expires=30&user_group=5&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 858
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D0%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 859
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Request Chain 860
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 861
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Request Chain 862
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Request Chain 866
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2535980227366638075
Request Chain 868
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPVBNgANs6j7wQAb
Request Chain 869
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 870
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e5cf3b29-2099-4e63-9375-b14659614e64&expiration=1725417017
Request Chain 871
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_fa62105b-1ea0-43c2-a9ed-ad988e2eedd1&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&expires=10&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 872
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709519417&external_user_id=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
Request Chain 873
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACX7E7J6oIAACoiJc0fIg&expiration=1695004218
Request Chain 881
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GyOkDvNbILOEfn7k8SsBcod_ahED2Xw
Request Chain 882
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=30810d1ff39922c0&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMWIUKUlshDgMXHDcKAAAAAAA&expiration=1693881017
Request Chain 884
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
Request Chain 886
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
Request Chain 891
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 900
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Request Chain 901
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 902
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Request Chain 903
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 925
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://cs.yellowblue.io/cs?aid=11590&id=LM49KSCX-B-B1NA
Request Chain 926
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2fa9fdb29%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 927
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Request Chain 929
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adyoulike&gdpr=0&user_id=zyBPIM0lGiXUcBx0wXYEIMtwHSzUIBF0zyaIV7q5 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=54d10197-cb46-413a-91f9-8e6ea8d9de90&name=BIDSWITCH&gdpr=0&gdpr_consent=
Request Chain 930
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=BfCE3hDnG2SOJFTOP3fi&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Request Chain 931
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=3175ac58-0d9d-47aa-b429-d8f42e050f30&name=THE_TRADE_DESK
Request Chain 932
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af9e62c4ae76bee5b9517c4ef4%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=de826e317f70a0b3dfe489aa3aeab830&gdpr=0&gdpr_consent=
Request Chain 933
  • https://match.prod.bidr.io/cookie-sync/aul HTTP 303
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1 HTTP 303
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACX7E7J6oIAACoiJc0fIg&name=BEESWAX
Request Chain 934
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visitor%3D__ZUID__%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGM5SHA4R5GATGOZDQOJPWG33OONSW45B5EZXGC3LFHVNEKTKBJZKECX2OIFKESVSFL4YV6MRGOR2GYPJXGIYCM5LJMQ6WMMTEHEYTGNTDMY2TGZDFMRSTOZRYGNRGCMJWGE3TCYJTG5TGIZBGOZUXG2LUN5ZD25CCOFUEOTC7KNCWOZCFGZKEUULQLBKW2&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGM5SHA4R5GATGOZDQOJPWG33OONSW45B5EZXGC3LFHVNEKTKBJZKECX2OIFKESVSFL4YV6MRGOR2GYPJXGIYCM5LJMQ6WMMTEHEYTGNTDMY2TGZDFMRSTOZRYGNRGCMJWGE3TCYJTG5TGIZBGOZUXG2LUN5ZD25CCOFUEOTC7KNCWOZCFGZKEUULQLBKW2 HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=tBqhGL_SEgdE6TJQpXUm
Request Chain 935
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%3D%23PMUID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Request Chain 938
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&name=STACKADAPT&gdpr=0&gdpr_consent=
Request Chain 939
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67019618f4c5f35f52e%26visitor%3D%24%24visitor_cookie%24%24%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1882bd9c06394597afd765bbe1527374&gdpr=0&gdpr_consent=
Request Chain 941
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=2abeedff-f0d9-4697-a17f-9a9623ab22db&gdpr=0&gdpr_consent=
Request Chain 942
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEENX%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D&gdpr=0&consent=&crf=1&rts=-3844164957296686739 HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&name=BETWEENX&gdpr=0&gdpr_consent=
Request Chain 943
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent= HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Request Chain 961
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 962
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 963
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 966
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
Request Chain 968
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
Request Chain 969
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gy5bfY1WuNgqdiG4wyOoB6vnzz4Juqg
Request Chain 970
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6796a90144a622c0&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PraBANuf9qAAAAAAAA&expiration=1693881018
Request Chain 971
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 978
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3723847017943428256
Request Chain 979
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&us_privacy=1--- HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3037107703ba22c0&is_secure=true&networkId=19998&version=1&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMo9ZT9AiwcQM-Sd4wAAAAAAA&expiration=1693881018&is_secure=true&us_privacy=1---
Request Chain 980
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1--- HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=640113117700930142&expiration=1695004219
Request Chain 981
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1--- HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Request Chain 982
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0
Request Chain 985
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
Request Chain 1001
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-2004676374088338354 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1002
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415 HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A&gdpr=0
Request Chain 1003
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LM49KSCX-B-B1NA&gdpr=0&us_privacy=1---
Request Chain 1004
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Damx_com%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=amx_com&uid=
Request Chain 1005
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=openx&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Request Chain 1006
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=smartadserver&uid=990277896830277133
Request Chain 1007
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dpubmatic%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8 HTTP 302
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1008
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=index_rtb&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 1009
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1013
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent= HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-TLHrjt9E2uHrGNyJnrzBHXP9W8baL9Px~A
Request Chain 1015
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&rndcb=4444715356 HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadconductor%26bsw_param%3D54d10197-cb46-413a-91f9-8e6ea8d9de90%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1882bd9c06394597afd765bbe1527374&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/54d10197-cb46-413a-91f9-8e6ea8d9de90?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1016
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2535980227366638075&gdpr=0&gdpr_consent=
Request Chain 1018
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5ORBHC2CHJRPVGRLHMRCTMVCKKFYFQVLN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC4TUNZSXE5LTMVZGSZB5ORBHC2CHJRPVGRLHMRCTMVCKKFYFQVLN HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tBqhGL_SEgdE6TJQpXUm
Request Chain 1019
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 1020
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794617703.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 1021
  • https://ssc-cms.33across.com/ps/?_=1693794617703.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X HTTP 302
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212166994878779
Request Chain 1022
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&ts=1693794620&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1023
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-lhTm9F9E2uEuM8g8Ex6F.kdclWuL4jf7~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-lhTm9F9E2uEuM8g8Ex6F.kdclWuL4jf7%7EA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1024
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=89feb7554e51487&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMWIUKUlshVAMJrwaHAAAAAAA&expiration=1693881019&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMWIUKUlshVAMJrwaHAAAAAAA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1025
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4187545677285024608258 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4187545677285024608258&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1035
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Request Chain 1037
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AACX7E7J6oIAACoiJc0fIg
Request Chain 1038
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1039
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID HTTP 302
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=de826e317f70a0b3dfe489aa3aeab830
Request Chain 1042
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dz7j3ZF84U3N5c01mMG1SbnRDdGxsbCUyRm5udmltbnFPZCUyRiUyRmVzUVFXODJ3MTMlMkY1bUklM0Q%26u%3d%24%7bUSER_ID%7d&gdpr=&consent=&us_privacy=1--- HTTP 303
  • https://ssp-sync.criteo.com/user-sync/match?p=z7j3ZF84U3N5c01mMG1SbnRDdGxsbCUyRm5udmltbnFPZCUyRiUyRmVzUVFXODJ3MTMlMkY1bUklM0Q&u=AACX7E7J6oIAACoiJc0fIg&us_privacy=1---
Request Chain 1043
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=IEkn818lMkI4OEIxVlpTcnNKZ3NVSjVlUDhQYW1kbVZQRCUyRkVUOW5KRkR1WGVKR1VtcyUzRA&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-IYG5OqXEl1SUKYrT7buHkdkN_1yLDk8DjtbXkA HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-IYG5OqXEl1SUKYrT7buHkdkN_1yLDk8DjtbXkA&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1044
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d-zZtcV91WGZlb2klMkZxUkVrYjJKWU12WDhyeEV1VldidGtod2tnc3FxeFdmNUJuYjglM0Q%26u%3d%3cTUID%3e&gdpr=&consent=&ccpa=1--- HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=-zZtcV91WGZlb2klMkZxUkVrYjJKWU12WDhyeEV1VldidGtod2tnc3FxeFdmNUJuYjglM0Q&u=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
Request Chain 1047
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GzsXWh__G3ZH7KqlEtWd0jRGUPN_iyg
Request Chain 1048
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=740a5fe3f72f1487&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwlwMbGeayAAAAAAA&expiration=1693881019
Request Chain 1049
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
Request Chain 1050
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 1052
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1053
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 1054
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 1055
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050723370043128&expires=30&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1061
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=4187545677285024608258
Request Chain 1062
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&rndcb=8966190251 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&google_hm=NTRkMTAxOTctY2I0Ni00MTNhLTkxZjktOGU2ZWE4ZDlkZTkw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYFTk1BEPH6BrhXKezk8Gc&google_cver=1&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/54d10197-cb46-413a-91f9-8e6ea8d9de90?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1063
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Request Chain 1064
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636%2526visitor%253D%257Buid%257D%2526name%253DOPENWEB HTTP 302
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=afb42d02c4c3c298&name=OPENWEB
Request Chain 1072
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWDdFN0o2b0lBQUNvaUpjMGZJZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AACX7E7J6oIAACoiJc0fIg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACX7E7J6oIAACoiJc0fIg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACX7E7J6oIAACoiJc0fIg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=990277896830277133&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AACX7E7J6oIAACoiJc0fIg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D990277896830277133%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=990277896830277133&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACX7E7J6oIAACoiJc0fIg&gdpr=0&gdpr_consent=
Request Chain 1073
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2535980227366638075&gdpr=0&gdpr_consent=
Request Chain 1074
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=fae2f914-4aca-11ee-872e-d4bc0acdf791
Request Chain 1075
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_a1f61cad865644a2aaed7
Request Chain 1076
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g
Request Chain 1078
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 1080
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Request Chain 1084
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://a.usbrowserspeed.com/cs?puid=8cf2afd4-acd3-5c6c-965d-fa96a0f1449a&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%252ecom%252fpx%252fimg%252fbidswitch%252f%253fdone%253dtrue%2526bidswitch_ssp_id%253dpubmatic HTTP 302
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic HTTP 303
  • https://a.usbrowserspeed.com/cs?puid=AACX7E7J6oIAACoiJc0fIg&pid=beeswax&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic HTTP 302
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=01940ca9-0576-4940-949a-9d054abfc25a&expires=5&user_group=0&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 1086
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10874D1AA_4C1A5CCE&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 1094
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM49KSCX-B-B1NA
Request Chain 1109
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
Request Chain 1110
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 1112
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GtAsFqoNpv8KX50YI7ufkM8CagV1qsA
Request Chain 1113
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1114
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=60639d518f1b2394&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PracQNKhvJLAAAAAAA&expiration=1693881020
Request Chain 1115
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 1116
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Request Chain 1117
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a7d3cd70-86de-48b7-a433-d7ee488fb1bf&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1118
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
Request Chain 1119
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
Request Chain 1124
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1125
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1126
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1127
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050723370043128 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1128
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=e5cf3b29-2099-4e63-9375-b14659614e64&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1129
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU641abfc9db6847f0ab54e557609fb367 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1130
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822877106412
Request Chain 1131
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 1133
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=aSNLhRAjA0awXQ-rPEH1ZA
Request Chain 1134
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&rndcb=5805976647 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&google_hm=NTRkMTAxOTctY2I0Ni00MTNhLTkxZjktOGU2ZWE4ZDlkZTkw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYFTk1BEPH6BrhXKezk8Gc&google_cver=1&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/54d10197-cb46-413a-91f9-8e6ea8d9de90?gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1136
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=26c6c033-d97e-49a0-be28-26a6939408b0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 1139
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C14E48D5177140E2A6F7C142966EB206&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1140
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7470810201041396218&uid=Q7470810201041396218&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470810201041396218
Request Chain 1143
  • https://idsync.rlcdn.com/712188.gif?partner_uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent= HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 1146
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Request Chain 1147
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=640113117700930142
Request Chain 1148
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2535980227366638075
Request Chain 1149
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:57b10a06-895d-4b19-937b-e28030e81a4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 1156
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 1157
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=7623aa4c964a1487&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9Aiw9gNsnu78AAAAAAA&expiration=1693881021
Request Chain 1158
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=640113117700930142&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1161
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24%7BBSW_UUID%7D HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1164
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM49KSCX-B-B1NA&name=RUBICON&gdpr=0
Request Chain 1173
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D55%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=55&key=2535980227366638075
Request Chain 1174
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D200%26key%3D%5BRX_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=368330271 HTTP 302
  • https://sync.1rx.io/usersync/rubicon/LM49KSCX-B-B1NA HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D200%26key%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=200&key=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1176
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Request Chain 1177
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D72%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BuserId%7D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=72&pid=5e0e296628a061270b21ccab&key=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Request Chain 1178
  • https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D23%26key%3D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=23&key=6aee4e26-3af0-036a-2493-7dba72640ec7
Request Chain 1181
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D18%26key%3D%24UID HTTP 307
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=18&key=HQzWZQZHTprevADoQOeL11M1
Request Chain 1182
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D41%26pid%3D5e0e296628a061270b21ccab%26key%3D%24UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=41&pid=5e0e296628a061270b21ccab&key=4187545677285024608258
Request Chain 1183
  • https://ads.stickyadstv.com/user-matching?id=3665&_fw_gdpr=0&_fw_gdpr_consent= HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=62dea72e53dc2e243a2a2635d13fb7b&_fw_gdpr=0&_fw_gdpr_consent=
Request Chain 1185
  • https://match.sharethrough.com/universal/v1?supply_id=E5RP5Qpb&gdpr=0&consent=&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Request Chain 1186
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D60%26key%3D%5BUID%5D HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=60&key=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Request Chain 1209
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LM49KSCX-B-B1NA HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM49KSCX-B-B1NA&ts=1693794621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1224
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=990277896830277133&gdpr=0&gdpr_consent=
Request Chain 1226
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
Request Chain 1227
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26uid%3DSMART_USER_ID%26gdpr_pd%3D0&gdpr=0&gdpr_consent= HTTP 302
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=990277896830277133&gdpr_pd=0&gdpr=0&gdpr_consent=
Request Chain 1229
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=F06qlvKX1QCZm45
Request Chain 1230
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Request Chain 1231
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050723370043128
Request Chain 1233
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 1235
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fcf21a0-5429-cdf4-fa82b175
Request Chain 1244
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 1249
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=55fee6f9cdbb2394&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881023
Request Chain 1250
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=[AV_CONSENT] HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0&gdpr_consent=[AV_CONSENT]
Request Chain 1252
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=[AV_CONSENT] HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54d10197-cb46-413a-91f9-8e6ea8d9de90&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594155179152629092&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1253
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&google_hm=NTRkMTAxOTctY2I0Ni00MTNhLTkxZjktOGU2ZWE4ZDlkZTkw HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYFTk1BEPH6BrhXKezk8Gc&google_cver=1&ssp=sonobi&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1254
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=aniview&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=aniview
Request Chain 1255
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Request Chain 1256
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=07f064bb-75b8-42f3-a993-2e9dec53f3bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
Request Chain 1257
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
Request Chain 1260
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
Request Chain 1261
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=07f064bb-75b8-42f3-a993-2e9dec53f3bc HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=f3a6c746-4028-425d-8997-c0b7dc5b7eac&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Df3a6c746-4028-425d-8997-c0b7dc5b7eac%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=48096718709407920331769723118062651737&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
Request Chain 1262
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 1263
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Request Chain 1264
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
Request Chain 1265
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
Request Chain 1266
  • https://idsync.rlcdn.com/711892.gif?partner_uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc HTTP 307
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2535980227366638075
Request Chain 1270
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
Request Chain 1271
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
Request Chain 1272
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDdmMDY0YmItNzViOC00MmYzLWE5OTMtMmU5ZGVjNTNmM2Jj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
Request Chain 1273
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=f1113e9352a245d2913e9352a295d25c
Request Chain 1278
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 1280
  • https://id5-sync.com/s/434/9.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F8%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/8/2.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/2/7/3.gif?puid=2535980227366638075&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/6/4.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1245%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1245/5/5.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1241/4/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F3%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/434/3/3/7.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=92&3pid=2535980227366638075&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1246/2/8.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/434/1241/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F0%2F10.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/434/203/0/10.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
Request Chain 1314
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8 HTTP 303
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1316
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8 HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=ff7aa120-4aca-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 1326
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&seller_network=bidswitch_criteo&bid_id=d1856aab-0827-46f8-a86a-08485718fec6&initiator=me&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ad3c3e1d-5562-463a-9909-5fe7873052b0&us_privacy=1--- HTTP 302
  • https://jadserve.postrelease.com/suid/1011?vk=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1328
  • https://us-east-sync.bidswitch.net/sync?ssp=criteo&dsp_id=250&imp=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54d10197-cb46-413a-91f9-8e6ea8d9de90&ssp=criteo&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594155179152629092&ssp=criteo&gdpr=&gdpr_consent= HTTP 302
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1369
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e41e7122-527b-422a-9179-0dca1a6ecede&ssp=gumgum2&expires=30&user_group=5&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1370
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7BuserId%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 1371
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Request Chain 1372
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 1373
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Request Chain 1374
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Request Chain 1375
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Request Chain 1382
  • https://tag.crsspxl.com/c.gif?t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D HTTP 302
  • https://tag.crsspxl.com/c.gif?cc=1&t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=5110&3pid=4675803951937906561
Request Chain 1391
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1419
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 1420
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Request Chain 1421
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 1438
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LM49KSCX-B-B1NA
Request Chain 1439
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=687449420 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2064/114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553?zcc=0&sspret=1&rndcb=687449420
Request Chain 1447
  • https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&transactionId=465b3cf2-6353-4bdf-af55-4867d1915837&floor=USD:2&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&us_privacy=1---&hb=1&fmt=json HTTP 302
  • https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&transactionId=465b3cf2-6353-4bdf-af55-4867d1915837&floor=USD:2&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&us_privacy=1---&hb=1&fmt=json&_tur=T
Request Chain 1455
  • https://sync.graph.bluecava.com/ds.png?p=95b767e8-0bec-4fdb-a4d3-bc8ce01a08cd&segment=66afeee89497e411a7020050569b1b56&uid=HQzWZQZHTprevADoQOeL11M1&sovrnrnd=72447 HTTP 302
  • https://hash.qualia.id/g.png?p=9a5f7968-45f9-4b4c-bbd7-0edcc749a1c3&rid=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&did=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&chained=true
Request Chain 1458
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 1459
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1462
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Request Chain 1463
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent} HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.55%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7734936428 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2069.55/114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553?zcc=0&sspret=1&rndcb=7734936428 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1464
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1465
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 1467
  • https://match.sharethrough.com/universal/v1?supply_id=wldemn0V HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
Request Chain 1468
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Request Chain 1477
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=282302acab169b2a8066fc4260fc6f15
Request Chain 1478
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Request Chain 1479
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25CCOFUEOTC7KNCWOZCFGZKEUULQLBKW2 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25CCOFUEOTC7KNCWOZCFGZKEUULQLBKW2 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=tBqhGL_SEgdE6TJQpXUm
Request Chain 1482
  • https://id.rlcdn.com/711587.gif HTTP 307
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Request Chain 1485
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Request Chain 1486
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent} HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.55%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=111326026 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.55/2535980227366638075?zcc=0&sspret=1&rndcb=111326026 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1487
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 1488
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1489
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 1492
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1494
  • https://match.sharethrough.com/universal/v1?supply_id=wldemn0V HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
Request Chain 1495
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2 HTTP 302
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true HTTP 302
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Request Chain 1503
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Request Chain 1504
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
Request Chain 1505
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=xpnh5uy0e112
Request Chain 1506
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Request Chain 1508
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 1510
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEMFMCvRJxhEVucABoPBOZe0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&26913=AACX7E7J6oIAACoiJc0fIg&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
Request Chain 1528
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=d3c33d22-672a-0345-0722-e23d99ac1c33 HTTP 307
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=032c78c2576f980deb89ab8b3334f44a1de58bbb8cf082292dbbcdc65b54d5d5c0cb235b3774c97e&cb=02232696
Request Chain 1529
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2535980227366638075
Request Chain 1530
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1531
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPVBNgANs6j7wQAb
Request Chain 1536
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D32%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=2535980227366638075&auxuid=
Request Chain 1538
  • https://sync.smartadserver.com/getuid?gdpr_consent=&url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D45%26type%3Diframe%26id%3D%5Bsas_uid%5D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=990277896830277133&auxuid=
Request Chain 1539
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=3cef9c40-0887-435c-b965-1zz1693794609&auxuid=
Request Chain 1540
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2064%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=8882392915 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2064/2535980227366638075?zcc=0&sspret=1&rndcb=8882392915
Request Chain 1541
  • https://match.sharethrough.com/universal/v1?supply_id=49574e61&gdpr=&gdpr_consent=&tappx=1 HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=80&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Request Chain 1542
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D28%26type%3Diframe%26id%3D%24UID%26auxuid%3D&gdpr=&gdpr_consent= HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=4187545677285024608258&auxuid=
Request Chain 1543
  • https://s.c.appier.net/tappx HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=728&id=aSNLhRAjA0awXQ-rPEH1ZA
Request Chain 1544
  • https://ad.360yield.com/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&auxuid=
Request Chain 1545
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&auxuid=
Request Chain 1546
  • https://t.adx.opera.com/pub/sync?pubid=pub6192414557248&gdpr=&consent=&us_privacy={{US_PRIVACY}} HTTP 302
  • https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU641abfc9db6847f0ab54e557609fb367&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
Request Chain 1548
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657024
Request Chain 1572
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D50%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 303
  • https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=640113117700930142&auxuid=
Request Chain 1574
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=tappx&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Request Chain 1575
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D13%26type%3Diframe%26id%3D%24UID%26auxuid%3D HTTP 307
  • https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzWZQZHTprevADoQOeL11M1&auxuid=
Request Chain 1576
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Request Chain 1583
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Request Chain 1586
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Request Chain 1596
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
Request Chain 1600
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Request Chain 1605
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.5%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2178463692 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2069.5/2535980227366638075?zcc=0&sspret=1&rndcb=2178463692 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%26ex%3Drhythmone.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ex=rhythmone.com
Request Chain 1606
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 1613
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=2aa8d7ce-b2f5-1013-af72-293d85fa3d29 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=187o3xpzkurax
Request Chain 1614
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=998b76a1-f817-096b-2ece-f98f440573da&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPVBQjv-Ym6xZtnfccc18Lbx
Request Chain 1615
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=WVPIeAPrjAu-Ly55cy5HUQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 1616
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=9be4ed3c-c4eb-4966-94aa-5a7f63709496
Request Chain 1617
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Request Chain 1622
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794625181.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 1623
  • https://ssc-cms.33across.com/ps/?_=1693794625181.&ri=0010b00001siQHqAAM&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212166994878779&auxuid=
Request Chain 1624
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1696386625%26external_user_id%3D3175ac58-0d9d-47aa-b429-d8f42e050f30 HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696386625&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 1625
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794625181.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 1626
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1627
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=HLiTh2iyUpl_l7NZChyoE2AJ-S0 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1628
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794625181.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=2535980227366638075
Request Chain 1632
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=7846366807 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1633
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 1638
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=6191154777 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1639
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 1648
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEMFMCvRJxhEVucABoPBOZe0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 1650
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=F06qlvKX1QCZm45
Request Chain 1651
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=640113117700930142
Request Chain 1652
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RTpskUc_OZReaj_FS2wnkUFqPp1eOjLFRTyBei4X
Request Chain 1653
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a7d3cd70-86de-48b7-a433-d7ee488fb1bf&ssp=openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1654
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050723370043128
Request Chain 1655
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=C14E48D5177140E2A6F7C142966EB206
Request Chain 1656
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=86b39ec0-9db7-0f54-1add-9ec82aa1bc04 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2cb0d09f-970d-456e-be4b-50f8818385a0 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=209a5ed8-14b6-4395-918c-4da16d7955ba%3A1693794626.9884548&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D209a5ed8-14b6-4395-918c-4da16d7955ba%253A1693794626.9884548%26pid%3D500040%26it%3D1%26iv%3D209a5ed8-14b6-4395-918c-4da16d7955ba%253A1693794626.9884548%26_%3D1693794626.994519&cb=1693794626.9945703 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1813050723370043128&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D209a5ed8-14b6-4395-918c-4da16d7955ba%253A1693794626.9884548%26pid%3D500040%26it%3D1%26iv%3D209a5ed8-14b6-4395-918c-4da16d7955ba%253A1693794626.9884548%26_%3D1693794626.994519 HTTP 302
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=209a5ed8-14b6-4395-918c-4da16d7955ba%3A1693794626.9884548&pid=500040&it=1&iv=209a5ed8-14b6-4395-918c-4da16d7955ba%3A1693794626.9884548&_=1693794626.994519 HTTP 303
  • https://pippio.com/api/sync?it=1&pid=500040&_=1693794626.994519&iv=209a5ed8-14b6-4395-918c-4da16d7955ba:1693794626.9884548
Request Chain 1665
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=7458589337 HTTP 302
  • https://sync.1rx.io/usersync/stackadapt/0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1666
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 1671
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Request Chain 1672
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Request Chain 1673
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
Request Chain 1674
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Request Chain 1675
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
Request Chain 1676
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Request Chain 1677
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1699
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Request Chain 1700
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=tappx&khaos=LM49KSCX-B-B1NA HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM49KSCX-B-B1NA
Request Chain 1705
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
Request Chain 1708
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 1723
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Request Chain 1724
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1 HTTP 302
  • https://cm.gammaplatform.com/adx/recv?pid=5&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 1725
  • https://trace.mediago.io/ju/cs/indexexchange HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
Request Chain 1726
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Request Chain 1735
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 1736
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3723847017943428256&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 1737
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ORBHC2CHJRPVGRLHMRCTMVCKKFYFQVLN&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ORBHC2CHJRPVGRLHMRCTMVCKKFYFQVLN HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=tBqhGL_SEgdE6TJQpXUm
Request Chain 1738
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&dongle=4430
Request Chain 1741
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 1747
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A&gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Request Chain 1750
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A&gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A&gdpr=0&gdpr_consent=null HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3Dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=null&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 1753
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEMFMCvRJxhEVucABoPBOZe0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 1754
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=OD8h3zo6dNojb3KLNmlq3zxvc9MjP3-LODmsomA9
Request Chain 1755
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881027&gdpr_consent=&gdpr=0
Request Chain 1756
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AACX7E7J6oIAACoiJc0fIg&dongle=bzwx&gdpr=0
Request Chain 1757
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d0a664f5-4137-4e00-931c-0b407a189fe2&dongle=3995&gdpr=0&gdpr_consent=
Request Chain 1758
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZPVBNgANs6j7wQAb&dongle=3c0a&gdpr=0&gdpr_consent=
Request Chain 1759
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4945&xuid=ad3c3e1d-5562-463a-9909-5fe7873052b0&dongle=31ac&gdpr=0&gdpr_consent=
Request Chain 1760
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=C14E48D5177140E2A6F7C142966EB206&dongle=yf3
Request Chain 1761
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6547&xuid=BfCE3hDnG2SOJFTOP3fi&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Request Chain 1763
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=6019&xuid=F06qlvKX1QCZm45&dongle=465e&gdpr=0&gdpr_consent=
Request Chain 1767
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&892=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEMFMCvRJxhEVucABoPBOZe0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
Request Chain 1768
  • https://ssc-cms.33across.com/ps/?_=1693794626621.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212166994878779
Request Chain 1769
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=c71bb500-7d1c-4182-b47d-bb1d4ea32a08 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=121&external_user_id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1770
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1693794626621.3%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1693794626621.3&us_privacy=&xu=3723847017943428256 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=44&external_user_id=3723847017943428256&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1771
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Request Chain 1773
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1693794626621.6%26us_privacy%3D%26xu%3D%5BPUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1693794626621.6&us_privacy=&xu=5d5d937a-cdd5-4911-9e7d-07699aaba21c HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=5d5d937a-cdd5-4911-9e7d-07699aaba21c&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1774
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=d258f3b0-ccdc-45a0-9fa4-fb4caaa811a3 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d258f3b0-ccdc-45a0-9fa4-fb4caaa811a3&ts=1693794629&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 1782
  • https://um4.eqads.com/um/cs HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
Request Chain 1793
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.4140224225983582&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=87223f4c-12fb-4b8a-a0a7-b201e56a3513 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.4140224225983582&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=87223f4c-12fb-4b8a-a0a7-b201e56a3513
Request Chain 1802
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.25058877364703736&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=aa383d1e-9b5f-45d8-a2cf-ba92691430f1 HTTP 302
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.25058877364703736&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=aa383d1e-9b5f-45d8-a2cf-ba92691430f1
Request Chain 1810
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Request Chain 1811
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&26913=AACX7E7J6oIAACoiJc0fIg&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 1812
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 1813
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&us_privacy=1---&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Request Chain 1831
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D&us_privacy=1--- HTTP 302
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eallbkallfh6iae6dg8be9iadce9ehkalcabackkc2jl&us_privacy=1---
Request Chain 1832
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&159=CAESEMFMCvRJxhEVucABoPBOZe0&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&717=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK%7EA HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=fae2f914-4aca-11ee-872e-d4bc0acdf791 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
Request Chain 1833
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 1837
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&us_privacy=1---&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Request Chain 1846
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=7482893443 HTTP 303
  • https://sync.1rx.io/usersync/beeswax/AACX7E7J6oIAACoiJc0fIg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%26auxuid%3D HTTP 302
  • https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&auxuid=
Request Chain 1849
  • https://um4.eqads.com/um/cs?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
Request Chain 1850
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
Request Chain 1856
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=1132783314 HTTP 303
  • https://sync.1rx.io/usersync/beeswax/AACX7E7J6oIAACoiJc0fIg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 1882
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=Cl8IU3xtaGxpVnBERlp5MXppNjFVbXNtRjBkbmhYeVhSQldvQ1NxN3UvREVVc29lazFjbFVQcG9lQnJmbm1oa1BmdlVVeEV5bEZpVEpWTVRnd2FTRlZYanVxZ3ZyNzkyYWFBK1E0T3czU0wzQVp2eUVURG1MUzR5Tmd6aVMwVUxySXFnaU55emlOaDFmeVhqMEJRaDVwVk9sSVJqaDFJeXYyVWFBL2t1K3VNYnRpVGM2cG9IQXc0RG4rckc2QVptR2NYVVRWTDltOTBaaG5ZZlJveHh1Q096M3B3YmFRU0FNY3lFVnl2eVJ5dVlDMDhINVpPaUUwLyt0cjd1MGFCQWRhbkxna0JWam9PcVlMMDZ2MXBleU5haGZ1VENIdS9ISWFTYkE5YmtKOG1jem0xTT18&cppv=2
Request Chain 1884
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1893
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 1895
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
Request Chain 1896
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Request Chain 1897
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Request Chain 1898
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
Request Chain 1901
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050723370043128&expires=30&ssp=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1902
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
Request Chain 1903
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
Request Chain 1904
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 1905
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
Request Chain 1906
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDdmMDY0YmItNzViOC00MmYzLWE5OTMtMmU5ZGVjNTNmM2Jj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
Request Chain 1907
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
Request Chain 1909
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=07f064bb-75b8-42f3-a993-2e9dec53f3bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
Request Chain 1910
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
Request Chain 1911
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 1912
  • https://idsync.rlcdn.com/711892.gif?partner_uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=4d75faa76af0d0cdccc06ad51ee7cb0f4b920d7bf715165cb3c9b298e7776d87b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BDD_UUID%7D HTTP 302
  • https://idsync.rlcdn.com/362248.gif?partner_uid=48096718709407920331769723118062651737
Request Chain 1913
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
Request Chain 1921
  • https://um4.eqads.com/um/cs?us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657028
Request Chain 1951
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=e5cf3b29-2099-4e63-9375-b14659614e64&ssp=gumgum2&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 1952
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 1953
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Request Chain 1954
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 1955
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Request Chain 1956
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Request Chain 1957
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Request Chain 1960
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=s3BpJnwwWnR5Y3M1WC8xZlN2NkxVUkZmODZmRnMva2FWSXk4V3g3NVBmbXY3OVNMclJ1STFLcTFPNkFmQXg4VnNWdWRzMUNqdDNTU3k2SmhyWHRCSGc4N3E2cGV6dTdpRVA2QjRVNHF3T1ZpR3QrdkVUS2NwaFpTd0RRNDU5MWsrMm9idFVHREdVZkFNazN4dEh3RzZrNUlKUm92d3hTaVh5REcvRFkwaHRmaHZKRWM0Vi9Wc2pyRnZXMENXQzVxYUZtV1cvSlJkcnhxVzdrUGI1TjliZytpUEMyZWlUZzlsM0tpRWtsMHJYUVJTWE9CUGhjZnFrQy9YZ3k3VFZjODBhMnZTYmZ2VmNyNWRwYTdHUi93V1k2TzZDWnYrSXhYdGtPOFlXZUQ3N2hrUjZxUT18&cppv=2
Request Chain 1964
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 1972
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 1974
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=07f064bb-75b8-42f3-a993-2e9dec53f3bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
Request Chain 1975
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
Request Chain 1977
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 1979
  • https://idsync.rlcdn.com/711892.gif?partner_uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp HTTP 302
  • https://idsync.rlcdn.com/379718.gif?partner_uid=PxmqKPZY
Request Chain 1981
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
Request Chain 1983
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 1984
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsonobi%26bsw_param%3D54d10197-cb46-413a-91f9-8e6ea8d9de90%26gdpr%3D0%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1882bd9c06394597afd765bbe1527374&ssp=sonobi&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&consent=&gdpr_pd=&expires=7 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 1985
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
Request Chain 1986
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDdmMDY0YmItNzViOC00MmYzLWE5OTMtMmU5ZGVjNTNmM2Jj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
Request Chain 1987
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
Request Chain 1988
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
Request Chain 1990
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Request Chain 1991
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
Request Chain 1992
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Request Chain 1993
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
Request Chain 1999
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D HTTP 302
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=5968313896 HTTP 303
  • https://sync.1rx.io/usersync/beeswax/AACX7E7J6oIAACoiJc0fIg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 2007
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Request Chain 2008
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2011
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
Request Chain 2014
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 2015
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Request Chain 2016
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 2023
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HQzWZQZHTprevADoQOeL11M1/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id} HTTP 302
  • https://ce.lijit.com/merge?pid=5001&3pid=bb2ddcc4c0609da514c394ec081f81fd
Request Chain 2028
  • https://match.deepintent.com/usersync/108 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2029
  • https://match.deepintent.com/usersync/112 HTTP 303
  • https://id.rlcdn.com/467756.gif HTTP 307
  • https://match.deepintent.com/usersync/112/store?id=Xc1364Isgzn9ilbBbCWrvu1W6rszOnFm7GP4E8CCUK__GyDMA
Request Chain 2030
  • https://match.deepintent.com/usersync/150 HTTP 303
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Request Chain 2031
  • https://match.deepintent.com/usersync/121 HTTP 303
  • https://thrtle.com/insync?vxii_pid=10036&vxii_pdid=di_a1f61cad865644a2aaed7&vxii_r=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F121%2Fstore%3Fid%3D%24%7Btid%7D HTTP 302
  • https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Request Chain 2032
  • https://match.deepintent.com/usersync/126 HTTP 303
  • https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
Request Chain 2033
  • https://match.deepintent.com/usersync/129 HTTP 303
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_a1f61cad865644a2aaed7 HTTP 302
  • https://sync.teads.tv/um?eid=20&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2034
  • https://match.deepintent.com/usersync/147 HTTP 303
  • https://id5-sync.com/s/987/5.gif?puid=di_a1f61cad865644a2aaed7&callback=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1241%2F4%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/987/1241/4/2.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F104%2F3%2F3.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/987/104/3/3.gif?puid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=26&3pid=54d10197-cb46-413a-91f9-8e6ea8d9de90&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1227%2F2%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/987/1227/2/4.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F826%2F1%2F5.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/987/826/1/5.gif?puid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1228%2F0%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/987/1228/0/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Request Chain 2035
  • https://match.deepintent.com/usersync/106 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=deepintent&google_hm=ZGlfYTFmNjFjYWQ4NjU2NDRhMmFhZWQ3&google_cm HTTP 302
  • https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
Request Chain 2049
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Request Chain 2057
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 2064
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2066
  • https://match.deepintent.com/usersync/108 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2067
  • https://match.deepintent.com/usersync/112 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2068
  • https://match.deepintent.com/usersync/150 HTTP 303
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Request Chain 2069
  • https://match.deepintent.com/usersync/121 HTTP 303
  • https://thrtle.com/insync?vxii_pid=10036&vxii_pdid=di_a1f61cad865644a2aaed7&vxii_r=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F121%2Fstore%3Fid%3D%24%7Btid%7D HTTP 302
  • https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Request Chain 2070
  • https://match.deepintent.com/usersync/126 HTTP 303
  • https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
Request Chain 2071
  • https://match.deepintent.com/usersync/129 HTTP 303
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_a1f61cad865644a2aaed7 HTTP 302
  • https://sync.bfmio.com/sync?pid=103&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 2072
  • https://match.deepintent.com/usersync/147 HTTP 303
  • https://id5-sync.com/s/987/5.gif?puid=di_a1f61cad865644a2aaed7&callback=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D HTTP 302
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1241%2F4%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr_consent%3D&s=id5 HTTP 302
  • https://id5-sync.com/c/987/1241/4/2.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=198601&cb=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F165%2F3%2F3.gif%3Fpuid%3D__UID__%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
  • https://id5-sync.com/c/987/165/3/3.gif?puid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F2%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 2073
  • https://match.deepintent.com/usersync/106 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=deepintent&google_hm=ZGlfYTFmNjFjYWQ4NjU2NDRhMmFhZWQ3&google_cm HTTP 302
  • https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
Request Chain 2084
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID HTTP 302
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
Request Chain 2085
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=zyBPIM0lGiXUcBx0wXYEIMtwHSzUIBF0zyaIV7q5 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 2086
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=$D&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ad3c3e1d-5562-463a-9909-5fe7873052b0&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2087
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Request Chain 2088
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 2089
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Request Chain 2090
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Request Chain 2091
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Request Chain 2094
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2095
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2108
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
Request Chain 2109
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Request Chain 2110
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 2111
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
Request Chain 2112
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Request Chain 2113
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Request Chain 2114
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Request Chain 2122
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 2123
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Request Chain 2124
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 2137
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=24&pid=62f53b2c7850d0786f227f64&key=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 2145
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 2156
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2159
  • https://ums.acuityplatform.com/tum?umid=8&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
Request Chain 2160
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 2164
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2172
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2179
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Request Chain 2180
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Request Chain 2181
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
Request Chain 2182
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Request Chain 2183
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
Request Chain 2184
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Request Chain 2185
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 2190
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2191
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel HTTP 302
  • https://x.bidswitch.net/sync?ssp=ambient HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=ambient&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=ambient&gdpr=0&user_id=zyBPIM0lGiXUcBx0wXYEIMtwHSzUIBF0zyaIV7q5 HTTP 302
  • https://cm.gammaplatform.com/adx/recv?pid=7&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Request Chain 2192
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2195
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Request Chain 2201
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2205
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2208
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2211
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 2213
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2222
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2223
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2228
  • https://event.hgrtb.com/sync/triplelift?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmfuid%26dongle%3D8f7 HTTP 302
  • https://eb2.3lift.com/xuid?mid=7666&xuid=fc5fd944-b642-49ca-818f-124213753c6b&dongle=8f7
Request Chain 2229
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7414&xuid=1813050723370043128&dongle=U48
Request Chain 2230
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dy2aI2Ueo8q3c%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 2231
  • https://trc.taboola.com/sg/TripleliftSCoD/1/cm?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7772%26xuid%3D%3CTUID%3E%26dongle%3Dtbla HTTP 302
  • https://eb2.3lift.com/xuid?mid=7772&xuid=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba&dongle=tbla
Request Chain 2232
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab HTTP 302
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3D169e4ab0-16cf-492a-9c7d-27d482d88b2f%26dongle%3Dc7e1 HTTP 302
  • https://eb2.3lift.com/xuid?mid=3396&xuid=169e4ab0-16cf-492a-9c7d-27d482d88b2f&dongle=c7e1
Request Chain 2233
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7354&xuid=640113117700930142&dongle=AD20&gdpr=0&gdpr_consent=
Request Chain 2234
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent= HTTP 303
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_a1f61cad865644a2aaed7&dongle=fg7
Request Chain 2240
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2244
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2252
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
Request Chain 2262
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2264
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2265
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 2269
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2277
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Request Chain 2298
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386631
Request Chain 2300
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2304
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2305
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 2310
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=4187545677285024608258 HTTP 302
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4187545677285024608258
Request Chain 2312
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=4187545677285024608258&gdpr=0&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&41396=4187545677285024608258&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2313
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix HTTP 302
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
Request Chain 2314
  • https://ums.acuityplatform.com/tum?umid=23&uid=4187545677285024608258&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3391&xuid=822877106412&dongle=6f30
Request Chain 2315
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=7976&xuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&dongle=u6nf&gdpr=0&gdpr_consent=
Request Chain 2316
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4557&xuid=990277896830277133&dongle=7044&gdpr=0&gdpr_consent=
Request Chain 2318
  • https://sync.1rx.io/usersync2/triplelift HTTP 302
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=5122930786 HTTP 302
  • https://sync.1rx.io/usersync/zeta/1813050723370043128 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%26dongle%3D2dcc HTTP 302
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
Request Chain 2319
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dy2aI2Ueo8q3c%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
Request Chain 2325
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 2326
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 2334
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Request Chain 2339
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CN3g6dr0j4EDFXEsiAkdrQgHtw;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 2342
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CJf_6tr0j4EDFUjiswod1gIG5w;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1
Request Chain 2343
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Request Chain 2345
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.nodserving.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=76G9eXw0S1FjWlZPQVJIMFJBVXV6Yzh3dE9jR0ZmYVlOK0I2TFBjdjRpWVBZaEduUU9DZGZUS1NROVovZUw5dGRrNUdMTjhyNGEzbXNCcnVSNWJ2c3RhZWpqam9DeHd4TE9PUTV1d0RKTzdRYkoyc0JrVTBLa1F4aFRteHVMUXBIc3FpUkJnK3krZWVjb3A2ZElGNFQybXIxYWNhbUdYS09wQnJJaEg2YUQ5WEdBTWFqR0RzZ3poU2t2OGpDUmFHME1mQzNIaFAwSUxFTENUWTdDU3R0U2NheVU4QXhHbFgxTlVtRld3SFd3aytaNVZockZwbGZ6b2RzajlyT2lDWE5Oc3l2RmZMRVhoRjN6SkJ5RWdpSUtlOEswL3hkUVorRHF6NXBsNjJYQUdvc3I5az18&cppv=2
Request Chain 2346
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.medocdn.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=bYrQfnxueTVicjNXS0hyMWVXVFAzcGhYbU1URVJoNjdsQ3VuZlNVbXhDK0w3QlpOZjIyMGlKNXlQekEzNFliZkIvQnpTb0NCNnZOdlAxbm5reVlyYlA0ZnpXTGJHc1g1ZTJEVjdqQk5zVWpwOHFRU01kUFI1NldLV0Y3L1FuOUNCV3JyM2tJMER3bkczMFNsN0xnTmQ4WWRrQ2pwL3N4MUhrSTdBYTM1bzFVRUx6SnVVMmdtQU12RDkwSFZjSkxOMkxLdXY1YjVkaVpTNGh1a29UM3dwZVBMbCtyOTdJMU9JK20vOHJwUnRzbzNyUHBRam9ITk9zSUhCUnU2TisrTk5MYmlHTHBMaVovRkxEcVY4Qm1WaU5BeUhmK1RwbWJmNEJjVGl6SmhDL2lFeWsybz18&cppv=2
Request Chain 2354
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Request Chain 2358
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 2361
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D%7BOPENX_ID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=8f3e33f9-3f12-0cbb-2f00-dc2952e985d7 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662104814330646
Request Chain 2362
  • https://sync.1rx.io/usersync/openx/15335226-d1d8-074e-08b6-3b26068f3197 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%26dongle%3D2dcc HTTP 302
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
Request Chain 2363
  • https://match.prod.bidr.io/cookie-sync/ox HTTP 303
  • https://us-u.openx.net/w/1.0/sd?val=AACX7E7J6oIAACoiJc0fIg&id=537125688
Request Chain 2365
  • https://oxp.mxptint.net/OpenX.ashx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_10874D1AA_4C1A5CCE
Request Chain 2370
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.medocdn.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=N6jCw3xmWEw2U3ZVZnBnbUJOcVJ1OCttbStSRUlsVjEwQlJid2JLSWorQXRTaW4wak82M1c2M0xYbm9uK1oyNFhoaEJDWThYTW83RmROVUVuV3YyMHlPcGlqRnRMTjltcmczS3RiWWFxdEZ6YUxJbWFZcjNrdW5mY1JDa1lvaDdFTWZTd1g3MWN5U0Q3NFJwZWgwZ1A2RU9IbUJ2dlRNOFdtYW0zQzUxNUhaNjFZZ0ErUEhsUUc1MFU3aGM4Z09jYmRPMVQ4UHJvTHRpeUtIT3hSRU9ZMk1pOFFsUjBoUW96YStYU1A5SDlSWTkvYUE3ekJESEllRk1GWDlXZmZ3N0RaUWRqK1dyUTBId0txT1hmNGtJN2drY2JrdTRvS1pPc2ppYnBwSWw5ckR6TUVzQT18&cppv=2
Request Chain 2375
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.nodserving.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ddHFYXwxM1J3M3BXL21aYURDdUU2bWllblBTTE9ub2xFbFQyTHFBc1ZORnNpK212T1lmZmYvVllzVlgzc1dPajhGNzIzK1JiRzk2VkZGOTRnZ09HOTR4TXJSbVBJT2tHR1J6TytWbTZaWWhtN01FcWhuS0hpYzA2TWVJLzZmYzhJd0FtYWtHd0hVOXd6ckRFemxxVUZFa1pHVy9rVnYvTjdzUjFMMkluVVgxVHJvVTdJY1NGb25aOG9zbkxoMW5jWXl2UzdMWlJoUTRLbkhSaW1ISVdScitxNHlhNDJHSXpCUjBxam1CUk9Za0VTZklHenhDUjdsRVQxZGFWZGsxTTR4N1RjVmpEckpqMFlqeFZUdGRIZjh5SnBiQnRuWnowa0VnZGMxdzF4cllPRW04dz18&cppv=2
Request Chain 2384
  • https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Request Chain 2400
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
Request Chain 2401
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
Request Chain 2404
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Request Chain 2426
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=HQzWZQZHTprevADoQOeL11M1 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc HTTP 302
  • https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Request Chain 2428
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 2429
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 2435
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2446
  • https://ads.stickyadstv.com/auto-user-sync HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 2456
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=BfCE3hDnG2SOJFTOP3fi&pi=openx&gdpr=0
Request Chain 2457
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=f8e50ff9-06ea-033f-0295-8853109345ec&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=822877106412
Request Chain 2458
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_d310d0c3-9c84-4ec9-b774-cedfdb0bae3f
Request Chain 2459
  • https://tr.blismedia.com/v1/api/sync/openx HTTP 307
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=64F54135CB651D785D3403B7BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D64F54135CB651D785D3403B7BLIS HTTP 302
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=64F54135CB651D785D3403B7BLIS HTTP 307
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia HTTP 302
  • https://tr.blismedia.com/v1/dpusync/6?uid=LM49KSCX-B-B1NA
Request Chain 2460
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881033&nuid={OX_USER_ID}
Request Chain 2461
  • https://px.owneriq.net/eox HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7470810201041396218P
Request Chain 2462
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Request Chain 2464
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Request Chain 2467
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Request Chain 2470
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 2471
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
Request Chain 2472
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
Request Chain 2473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386633
Request Chain 2474
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Request Chain 2475
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8 HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Request Chain 2476
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Request Chain 2477
  • https://ups.analytics.yahoo.com/ups/58545/occ HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Request Chain 2482
  • https://idsync.rlcdn.com/403716.gif?partner_uid=24td0frjcg4v9teczygazdi3f HTTP 307
  • https://cms.analytics.yahoo.com/cms?partner_id=LVRMP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58768/cms?partner_id=LVRMP HTTP 302
  • https://idsync.rlcdn.com/380008.gif?partner_uid=y-mAbTxSlE2pwDoiwkY41nzIyHoBq9Fv6ZCaY-~A
Request Chain 2497
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=be9ad483-e088-4267-a345-03c46e0ae8c9&user_group=1&ssp=gumgum2&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Request Chain 2498
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Request Chain 2499
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Request Chain 2500
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Request Chain 2501
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Request Chain 2502
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Request Chain 2503
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Request Chain 2506
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386633
Request Chain 2507
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
Request Chain 2508
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2509
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2512
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2513
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2520
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Request Chain 2521
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Request Chain 2522
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 2529
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=ozNvBHxxVmNxY1pGVlViYnE4ZGJZejhRakRpZUhYbUhZUXhqeit6RFRtNWNtWlZSWnhReGdqK21ad2w2UUtkR3oxVUIxOG1sYW9pTVg1S0M1Y3E3cDI2RDNtejVsZFVwL0xIempLcWtQS1hJNnd5czlxKythcEtMWnZ4NHN4QlJvUEpkdnJINExuYWROdkNlcGZZYjk3dTlSb3B2N3ZFbTlQNGZ2Wml1Y1ZrTTMyVHlyYTFOQVlSaVB5OHJ4aGx1YUJXTDNZV1EyYjZkY1FjWTkxeVQ5dGRsd1kyQUxINjVtVStDNUNBdFNiL1cwb1c2TTczUjRieDd5SzU3SVRlZXk0SGlvbFpsT2haV00rMVJWNUs3VThlVFVGZW16dkNqeU8vY0pvZjZoamR2MGhxZz18&cppv=2
Request Chain 2536
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID HTTP 307
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Request Chain 2537
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D HTTP 302
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Request Chain 2592
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2597
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2599
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.a578a0594ed8463abced9985b60a096e
Request Chain 2600
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=fa99e75b-d1a7-01d5-0ee5-61c210565a8d&redirectId=2257 HTTP 302
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6 HTTP 302
  • https://match.deepintent.com/usersync/108/ HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2601
  • https://dmp.brand-display.com/cm/api/openx HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fcf21a0-5429-cdf4-fa82b175
Request Chain 2603
  • https://ssbsync.smartadserver.com/api/sync?callerId=81&gdpr=0 HTTP 302
  • https://u.openx.net/w/1.0/sd?id=540394477&val=990277896830277133&gdpr=0&gdpr_consent=
Request Chain 2613
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2616
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2617
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2621
  • https://match.deepintent.com/usersync/108 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2622
  • https://match.deepintent.com/usersync/112 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2623
  • https://match.deepintent.com/usersync/150 HTTP 303
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Request Chain 2624
  • https://match.deepintent.com/usersync/126 HTTP 303
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Request Chain 2625
  • https://match.deepintent.com/usersync/121 HTTP 303
  • https://thrtle.com/insync?vxii_pid=10036&vxii_pdid=di_a1f61cad865644a2aaed7&vxii_r=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F121%2Fstore%3Fid%3D%24%7Btid%7D HTTP 302
  • https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Request Chain 2626
  • https://match.deepintent.com/usersync/129 HTTP 303
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_a1f61cad865644a2aaed7 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 2627
  • https://match.deepintent.com/usersync/147 HTTP 303
  • https://id5-sync.com/s/987/5.gif?puid=di_a1f61cad865644a2aaed7&callback=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D HTTP 302
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F4%2F2.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
Request Chain 2628
  • https://match.deepintent.com/usersync/106 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=deepintent&google_hm=ZGlfYTFmNjFjYWQ4NjU2NDRhMmFhZWQ3&google_cm HTTP 302
  • https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
Request Chain 2629
  • https://b1h.zemanta.com/usersync/prebid?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D__ZUID__ HTTP 302
  • https://sync.outbrain.com/sync-external?uid=tBqhGL_SEgdE6TJQpXUm&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3D-1%26initiator%3Ds2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=criteo&uid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=-1&initiator=s2s HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=$UID&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/prebid/callback/?d=NB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=2535980227366638075&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3D-1%26initiator%3Ds2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=criteo&uid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=-1&initiator=s2s HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&uid=36146b43-d583-08d9-3b34-3063188cbac0 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3D-1%26initiator%3Ds2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=criteo&uid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=-1&initiator=s2s HTTP 302
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dopenx%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Ds2s%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=openx&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&uid=36146b43-d583-08d9-3b34-3063188cbac0 HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3D-1%26initiator%3Ds2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=criteo&uid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=-1&initiator=s2s HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=$UID&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/prebid/callback/?d=NB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=2535980227366638075&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=s2s HTTP 302
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcallback%252F%253Fd%253DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ%26p%3Dcriteo%26uid%3D%40%40CRITEO_USERID%40%40%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26platformId%3D-1%26initiator%3Ds2s HTTP 302
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=criteo&uid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&platformId=-1&initiator=s2s HTTP 302
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=$UID&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Request Chain 2643
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 2644
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 2645
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Request Chain 2647
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Request Chain 2649
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Request Chain 2657
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmF3eGRPdG5EcXFVck5ZenR3c0VHb0x5clkzWGktMmlaR1pUdExja2ZVNDQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEBV92U7_8josOqpeCq3WzFo&google_cver=1
Request Chain 2658
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ps.eyeota.net/match?uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&bid=1e2n4ou
Request Chain 2659
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot HTTP 302
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot HTTP 302
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Hv8QG3lE2pVtECYhLdk65gGeeyCnpruv1Gs-~A
Request Chain 2660
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=ZPVBNgANs6j7wQAb&bid=0rijhbu&referrer_pid=51md42u
Request Chain 2661
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u HTTP 302
  • https://ps.eyeota.net/match?uid=2535980227366638075&bid=2cr76e1&referrer_pid=51md42u
Request Chain 2664
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 2665
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=de826e317f70a0b3dfe489aa3aeab830
Request Chain 2675
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=null HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=null&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 2676
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 2678
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=Cb_VUXxSVThwZkJ3WklveVdJYjJUNDJBZ3lvdStSR09yMkg4SzZ5UExPa0FqcDZKa1g4akFad2lDTmIxbEVCQUZVZHVxOTZvckY5dDhXRG5idHlDWDBNRENtTFVQNVdTNjloVjBEZjg0Y2o4aUZ3S0U5U1gxR2pCd3U3WERCeXJGTjFwTDk3S0VBcHNwdjRqcmN5TllYenZMWTJFVmVpQ1hBYjNnQnVuVTI3NytTaVRoOUdSNlNuQndETUdINnpPNDBuUTNZRWYyNmxQZmtOaGFSWEFnYkJucmhoSUxQRjVhOE9rZTQxN1E2Z1FnT3pTVUVuaGtDS1Q2NTlXNDQ0NUJlSm1NcG9MY2E2SWRYY3JnOG5Zcm1iYlZJcDdLdjRoSGd2bG5QY29kVGF4RkI2ST18&cppv=2
Request Chain 2681
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=null HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3Dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Request Chain 2684
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=null&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0 HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0 HTTP 302
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Request Chain 2687
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Request Chain 2690
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid= HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3Dnull&gdpr=0&gdpr_consent=null HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null HTTP 302
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Request Chain 2691
  • https://ssp.disqus.com/redirectuser?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dzeta_global_ssp%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3DBUYERUID&partner=magnite HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=zeta_global_ssp&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Request Chain 2692
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 2693
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Request Chain 2700
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1--- HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Request Chain 2701
  • https://sync.adkernel.com/user-sync?t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadkernel%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D183045%26dsp%3D343983%26t%3Dimage%26uid%3D HTTP 302
  • https://sync.adkernel.com/user-sync?zone=183045&dsp=343983&t=image&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415 HTTP 302
  • https://prebid-server.rubiconproject.com/setuid?bidder=adkernel&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=A7298272160482644129
Request Chain 2703
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=rTs6znxhVEpLaG9wUkxBenJUYVZHakZ6amtzTXFjRndYdXNMb2oybzBvV3lxM29iTEtkbkpUdm9qU2gxakNIbUJTSUJVTkdBMHR2amZCVU5KRno5VEV4endUVEN6N2l1ZzdYT0p2Rk5EaXdaaG9TRHhTUWNmOHpZVjVoWld6eXhHSEtMVWRKd2YvMjMwS1JEWWMzVWU3SEN6RlpSaVhhUnQxNlRRMUNqVGp5U01GTGZsV0RDaGhYRHFLRWU4ajVlWWdpK0laSFdBUkZON0VOQTFndGE2bkgvRnI4cUZReVJwMVBzSTBkb0pFYjQ0ZTNWQXhBNEVFQWdhMTYzUnZ6cVQ3RUpyOE54T0xpeEFuVUxmbjVRWENnMGNlK1NiVlJrdmlQMFJwVmVnOXN3VmQxMD18&cppv=2
Request Chain 2708
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
Request Chain 2711
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1--- HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Request Chain 2713
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Request Chain 2714
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
Request Chain 2715
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
Request Chain 2718
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Request Chain 2720
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 2721
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3DCEN HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
Request Chain 2722
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
Request Chain 2724
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
Request Chain 2725
  • https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
  • https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&pi=vidoomy
Request Chain 2729
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Request Chain 2741
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1--- HTTP 302
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Request Chain 2754
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
Request Chain 2755
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3DCEN HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
Request Chain 2756
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142

2743 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.shefinds.com/collections/walmart-packaging-change/ 		112 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
94168c869afcda4c97d8247dbb7acb00a8b551b86a427ad72deca215f5813a90

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=3471, public
cf-cache-status
DYNAMIC
cf-ray
8012cf04cb734bd3-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:06 GMT
expires
Mon, 04 Sep 2023 03:27:56 GMT
last-modified
Mon, 04 Sep 2023 02:27:56 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/" <https://www.shefinds.com/?p=907296>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
via
1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
6afe0e75712a4ed7aec1940f07173985
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692691662240
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
a1e2876539d349d99eb8fa4459fa0632
x-mrs-age
2281
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy1, cache-yul12834-YUL, cache-yyz4537-YYZ
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693794607.044584,VS0,VE4
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
7Qn3r6by1R0kqtk5U8Oz0Z43TKvuw1DkaJlh1hbLqSz1R3j5LAKcrg==
x-cache-hits
243, 1
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		53 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.6
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
837
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb7b4bd3-BUF
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
324577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-ccf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B5CIsh2c4hIN2TNy52Zkt%2FxhIvwSjGm0e2FsmQY0xkWu1B9IydOV%2FtrCedQNd108xDllNX9TaoetYtNLLT5fVNupOc8WzvN72ZDAzN8jnHeDqC3w5L4rePoNhqFpe0VolniH2Pxv0osG%2BNhSCtcU8Jr"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012cf0619664bc7-BUF
expires
Sat, 24 Aug 2024 02:30:07 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/ 		730 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002a618f9c-0064f48549-76252ea8-nyc3c
age
479
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
content-length
730
x-served-by
cache-yyz4548-YYZ
last-modified
Sat, 24 Dec 2022 16:17:08 GMT
x-timer
S1693794607.059652,VS0,VE1
etag
"228cb88d245a31343060024e93e4d9ad"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1693746505.cdn4-pxy211-yyz02.tr2.evs,1693746505.cds218.tr2.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
x-cache-hits
1
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
age
837
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb7c4bd3-BUF
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
age
837
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb7d4bd3-BUF
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
837
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb7e4bd3-BUF
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
837
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb7f4bd3-BUF
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
age
837
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb804bd3-BUF
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
age
837
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb814bd3-BUF
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
837
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb824bd3-BUF
single.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single.css?ver=1.0.4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fd56632b4b07ce2bd408199103760876ef5366d846cdca5b184e04f456eb21d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Fri, 29 Jun 2018 06:15:00 GMT
server
cloudflare
age
837
cf-polished
origSize=19885
etag
W/"5b35ce64-4dad"
vary
Accept-Encoding
x-powered-by
PleskLin
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf05bb834bd3-BUF
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 11:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 11:00:29 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
age
837
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf05bb844bd3-BUF
collections.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		2 KB
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/collections.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2f52c83d011c40ab1b778bd0f6149e2065c85248d97c472dbeea3bdeb18d77d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 13 Feb 2018 14:53:29 GMT
server
cloudflare
age
837
etag
W/"5a82fbe9-6ab"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf05eb854bd3-BUF
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-49.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
Date
Mon, 04 Sep 2023 01:52:26 GMT
X-Amz-Cf-Pop
EWR50-C1
Age
2262
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
2tTk3maD7CiwQVDO4Ov7pTwZka9HJBV62ZCylzzoHjzDFxyDkcHv6Q==
js
www.googletagmanager.com/gtag/ 		236 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a576c657185f4c5e658c5ca84bc69534a40d87eeca7d0541fcb414634e4b76c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82980
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Sep 2023 02:30:07 GMT
blogherads.js
ads.blogherads.com/static/ 		583 KB
253 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/blogherads.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba7d7f7dce9a821137b1271aa91d888b437ae493762d78490d9d7ae854517110

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HA8Z9V5DAG6SXQ
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
Kcgl3ExwEDMt6qYCUpW5L1F1p4+6g8CSzUo8wP6CVAzMVi9NnEJk6pFPMHgUvwSrKl1M1S3x87w=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794607.225872,VS0,VE0
etag
W/"5dcb5d63d8589078f11c0428a5a57cd1"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
6
header.js
ads.blogherads.com/bh/41/412/412983/2498530/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/header.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8bf555039a25ddd0b8db4e0e409887bbfdd4e3b34aa13421fec724b0b9beb00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
H1HS66R19RPRWZB8
age
1561
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ZfDtBwhralYwOMAKcC9ozbooS2OdTE7SRQEAwC5qxs2W/4pLZvjv0ib/nrZxIUuYmYOTJPv2s68=
x-served-by
cache-yyz4553-YYZ
last-modified
Mon, 04 Sep 2023 02:01:10 GMT
x-timer
S1693794607.225792,VS0,VE0
etag
W/"fc6bd3e221b17a146d498d9bc8bc92f7"
vary
accept-encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
3
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
603, 617, 617, 617, 617
age
3390973
cdn-cachedat
2021-06-08 11:00:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
68ed376e32c5cd61208c3e2716560319
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8012cf062c514bcc-BUF
cdn-requestpullsuccess
True
load.js
s.ntv.io/serve/ 		613 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.46.189.107 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-107.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
87bfcdc6b3c61567aed26c9f0687c830cf5d948a81b5df9acf75163ecee402be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Content-Encoding
gzip
x-amz-request-id
8VQJBRBPPC8A0KGA
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
HlrvcDbzNUHSz7/ARY3dR3PfR+SCyokDLhWXW4YnoMVPvDwQ6NUe7uZDog5jz+l2Xoj10v104uo=
Last-Modified
Mon, 28 Aug 2023 18:19:02 GMT
Server
AmazonS3
ETag
"f247c1f111b2fe4795867bebc1cc8d8f"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
menu-ico-new.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		124 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/menu-ico-new.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ba381e54279a07776f1bf69131b32f3958acdff2e2b37334dced95c4e0dedc50

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=214
x-powered-by
PleskLin
content-disposition
inline; filename="menu-ico-new.webp"
content-length
124
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-d6"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb914bd3-BUF
new-logo-mob.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-logo-mob.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
563c2828b96e60d471d369d0f12dabe89e209931b7f1486dec16ab7a19c87930

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=3557
x-powered-by
PleskLin
content-disposition
inline; filename="new-logo-mob.webp"
content-length
2364
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-de5"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb924bd3-BUF
sub-new-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		216 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/sub-new-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a9daaba14208d4a11facc1c74d4fac2717864aedd04b68d1f3076ffee8863c41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=380
x-powered-by
PleskLin
content-disposition
inline; filename="sub-new-img.webp"
content-length
216
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-17c"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb934bd3-BUF
gwen-stefani-attends-Glamour-Women-of-the-Year-Awards-2016.jpg
www.shefinds.com/files/2023/09/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/gwen-stefani-attends-Glamour-Women-of-the-Year-Awards-2016.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8afb7b16db12143090af897471534a4798ff7e1977711c8b631eaa9b87197418

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 09:47:18 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=167952
vary
Accept-Encoding
etag
"64f304a6-29010"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb944bd3-BUF
content-length
155737
Prince-Harry-attends-Queen-Elizabeths-funeral.jpg
www.shefinds.com/files/2023/09/ 		422 KB
423 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Prince-Harry-attends-Queen-Elizabeths-funeral.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
557c7242da6967c57875ea939198caaa3bc37cfee87a9652ecb57a4152e7654b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 22:58:19 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=449245
vary
Accept-Encoding
etag
"64f50f8b-6dadd"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb954bd3-BUF
content-length
432463
Angelina-Jolie-And-Salma-Hayek.jpg
www.shefinds.com/files/2023/09/ 		291 KB
292 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Angelina-Jolie-And-Salma-Hayek.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2c1640e3e54c335f18e92d56af8ea22052c5d3317670807c87bfd584fdff9808

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 22:25:02 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=310386
vary
Accept-Encoding
etag
"64f507be-4bc72"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb964bd3-BUF
content-length
298252
Walmart-storefront.jpeg
www.shefinds.com/files/2023/08/ 		303 KB
303 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/08/Walmart-storefront.jpeg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2edf70b06f99f805f0d2dfff495e0993e8203dc07648bc8884fb4ffa63e36c80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Aug 2023 20:15:02 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
status=not_needed
vary
Accept-Encoding
etag
"64d2a246-4bbab"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb974bd3-BUF
content-length
310187
Best-New-Beauty-Awards-2023-top-photo-1200x1200-1.jpg
www.shefinds.com/files/2023/08/ 		233 KB
233 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/08/Best-New-Beauty-Awards-2023-top-photo-1200x1200-1.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
082716f79dd5be3b8c16af34f54840685842cf86250a8b7fb0096ef04ebca04a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 29 Aug 2023 16:47:55 GMT
server
cloudflare
age
836
x-powered-by
PleskLin
cf-polished
origSize=254021
vary
Accept-Encoding
etag
"64ee213b-3e045"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb984bd3-BUF
content-length
238591
Walmart-pasta-packaging-plastic.jpg
www.shefinds.com/files/2023/08/ 		121 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/08/Walmart-pasta-packaging-plastic.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d8b1c608de12a6eed60afecf3745bb5edbdc1787e96c5ddc0e2055c4b9de1457

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Tue, 08 Aug 2023 20:15:43 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=129834
vary
Accept-Encoding
etag
"64d2a26f-1fb2a"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb994bd3-BUF
content-length
123605
widgets.js
embed.reddit.com/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/widgets.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
af661747e1e16baf44ab1687ae16a5bd53e09dc39f110beb2e4532782f2c5047

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Wed, 28 Jun 2023 16:17:28 GMT
server
snooserv
etag
"9b10976798f30c6e7ee6e4c86c27d683"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2540
945068
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=0&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/945068
36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/945068
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bfeda77ff4846c374e28021daddea54822643038b398188d1a30a64114bb9b64

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:54:37 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2023 20:22:41 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
2132
x-amz-server-side-encryption
AES256
etag
"331c06e985743814a564f4099304de28"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
37030
x-amz-cf-id
xLaBgCBxI1GI2kC9KBpZUnUnTnZH0LsZKFr_-0d-q7RPoOvIqHgB0w==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/945068
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757488
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=1&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757488
47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757488
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ebde7060dcf9c2db0f9d8120e37ddcc61a0039b3df9ffda4b40149a3c4b9cb6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:15:03 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:46 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
906
etag
"f63c99dddc0e52c9224aa5196a473d2d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
48592
x-amz-cf-id
BaF21dpSQztMY5ijrb4_o2vtW4Mt0SUXtHawLiQUZiXJOZVheWheJA==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757488
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757538
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=2&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757538
52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757538
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb5452a94fc36817c3c0af8d5695cb2419c5ca657cd2c96bb7fd716e0b357874

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:16:01 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:23 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
848
etag
"6f9eddcc684620838879957700ceffd0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
52885
x-amz-cf-id
KFTh-7ndB9B0731eTl0s1UM7hlw-dwnalcxGP1Qro2uxFttt0HfSsQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757538
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757540
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=3&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757540
45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757540
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e7021ec0860bc9ddcc9c05cb9f1acfb1ea2e4fe710a04bee61f68027c7658d4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:53:49 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 21:59:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
2180
etag
"4de2c416ee3a82617a237daf0c3144e7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
45612
x-amz-cf-id
46c71WM9L2T-a8jq4UU9loiuGvrld9Hkouw1hp6ZvcwG3yoyERX88A==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757540
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757483
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=4&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757483
55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757483
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a8c6de7e4afe3d9c8d0703163df5ae98aeefbff45f96d4b95db70beddebfbb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:55:03 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:17 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
2106
etag
"fc13ebc1d30d9892f4b2b1b6efba9134"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
56043
x-amz-cf-id
4KV6T8PEn44rkUv_PchmsPM6i0ZKP68FwVqZOJYCO2h6k8HoV1b75w==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757483
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757539
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=5&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757539
48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757539
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e2047e0eedac1ff5ff206229050768b94e116cb0dcbc9437407cb2408030ac99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:55:03 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 22:00:42 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
2106
etag
"28cf030ee690ae2afd943a3f14afb996"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
48683
x-amz-cf-id
2R-Ij1MfodJR0ZdcL4ShnKBA94QjIV49j45kLdHlrHOuWhAlJs2-gQ==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757539
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
945062
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=6&cs_esp=powerinbox_web&cs_containertype=web&cs_uid=57cf3fabbebe8b48be08a043e9d1c230
  • https://images-prod.powerinboxedge.com/v3/images/3682/945062
43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/945062
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2fed134db34f57e7b114bbcca30e47dbfb5b6abb959b27d838a6dd0fb554d2df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:58:05 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Fri, 01 Sep 2023 20:22:43 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
1924
x-amz-server-side-encryption
AES256
etag
"43a819740f075db1502033052cd1f409"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
43596
x-amz-cf-id
tUVjeXmO-hp639WMl9OX1kfD50FN24DObRG5wCDJAwCTU3Onx_628g==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/945062
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
757480
images-prod.powerinboxedge.com/v3/images/3682/
Redirect Chain
  • https://stripe.rs-stripe.com/stripe/image?cs_email={{GUID}}&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web
  • https://tr.rev-stripe.com/stripe/image?cs_email=%7B%7BGUID%7D%7D&cs_stripeid=12642&cs_offset=7&cs_esp=powerinbox_web&cs_containertype=web
  • https://images-prod.powerinboxedge.com/v3/images/3682/757480
44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images-prod.powerinboxedge.com/v3/images/3682/757480
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.63.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-59.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d755760a25a3252ba4da7d35ecc29e8386e192f0048ca4c0fc1ddd0eebe2e514

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:55:01 GMT
via
1.1 284419e56e7f935ce4c1c55765241348.cloudfront.net (CloudFront)
last-modified
Mon, 19 Jul 2021 21:59:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
2108
etag
"c1af37770bf46306e127e00f15473dd5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=3600
accept-ranges
bytes
content-length
44620
x-amz-cf-id
3T95YsCVpJ7bcfnlN8_uHYyygMq2wxGZGZHyPc9ukWVua0FX3apXUg==

Redirect headers

request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:07 GMT
location
https://images-prod.powerinboxedge.com/v3/images/3682/757480
access-control-expose-headers
Request-Context
cache-control
no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
content-length
0
expires
-1
short.png
branding.revenuestripe.com/recommend/
Redirect Chain
  • https://stripe.rs-stripe.com/branding/recommend/short.png
  • https://branding.revenuestripe.com/recommend/short.png
872 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://branding.revenuestripe.com/recommend/short.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
13.225.214.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-11.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 05:27:03 GMT
via
1.1 a123807296d8a3060657bb737260f994.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jan 2022 22:16:11 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
2062985
etag
"69de7bae23dafcc7e38c4e59445aa693"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
872
x-amz-cf-id
3q5cxMOAbxsQJJvwuA1QoMB-yxN20LgNiC8KhAYqnUR-AXbGMpMkPg==

Redirect headers

location
https://branding.revenuestripe.com/recommend/short.png
access-control-expose-headers
Request-Context
cache-control
private
date
Mon, 04 Sep 2023 02:30:06 GMT
request-context
appId=cid-v1:71cb0741-0ab0-4052-8b9d-7d9ee84d94b7
content-length
171
content-type
text/html; charset=utf-8
email-decode.min.js
www.shefinds.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 25 Aug 2023 15:15:50 GMT
server
cloudflare
etag
W/"64e8c5a6-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
8012cf066b8a4bd3-BUF
expires
Wed, 06 Sep 2023 02:30:07 GMT
sp_BbylgSbK
launcher.spot.im/spot/ 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://launcher.spot.im/spot/sp_BbylgSbK
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-5.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4cc847c7c9cf182a981687311808fb5b15893a7ac91526b879dd2dca2813ff7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
UoG2riUFMmU.51qVJdJ.fpSDE7fgNiGZ
content-encoding
br
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
date
Mon, 04 Sep 2023 02:29:05 GMT
x-amz-cf-pop
JFK50-P8
age
62
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21717
last-modified
Tue, 29 Aug 2023 12:23:18 GMT
server
AmazonS3
etag
"19e72e0ccba15369d72f756af9ff4e25"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-amz-cf-id
4yT2eywi9IRfFZ8HvCsl_sS10-nR3dmjTF-hH9CfW-Ja0TWiW_CgRw==
Kirkland-organic-apple-sauce.jpg
www.shefinds.com/files/2023/09/ 		248 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kirkland-organic-apple-sauce.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e2c8dd889642487e976b8f78f3640dbe7ced0ad48112b972c21dd41f3617f09a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 20:56:59 GMT
server
cloudflare
age
836
x-powered-by
PleskLin
cf-polished
origSize=265598
vary
Accept-Encoding
etag
"64f4f31b-40d7e"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb9a4bd3-BUF
content-length
254319
Meghan-Markle-looks-at-the-floral-tributes-left-at-Windsor-Castle.jpg
www.shefinds.com/files/2023/09/ 		244 KB
244 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Meghan-Markle-looks-at-the-floral-tributes-left-at-Windsor-Castle.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c32d1929b26bd7d736ea97b24d06b86c96a77a0158160f46bfd2cf95ecaa0c3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 09:38:30 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=264161
vary
Accept-Encoding
etag
"64f30296-407e1"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb9b4bd3-BUF
content-length
249924
older-woman-with-wrinkle-cream-on-her-cheek.jpg
www.shefinds.com/files/2022/10/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2022/10/older-woman-with-wrinkle-cream-on-her-cheek.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
362afdb7f49f842619ac1de7bb636ea64897c88c304fa81931b6f40e4b963494

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 20 Oct 2022 11:00:24 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=195719
vary
Accept-Encoding
etag
"63512a48-2fc87"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb9c4bd3-BUF
content-length
181366
Kris-Jenner-27th-Annual-ACE-Awards-2023.jpg
www.shefinds.com/files/2023/09/ 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kris-Jenner-27th-Annual-ACE-Awards-2023.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
041639ca2ca4c1ac138d86d2beeed135b2bc0e0024240c313dfa17cebaf3815c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 23:15:30 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=240289
vary
Accept-Encoding
etag
"64f51392-3aaa1"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb9d4bd3-BUF
content-length
227224
Kate-Middleton-and-Prince-Harry-watch-sail-boat-race.jpg
www.shefinds.com/files/2023/09/ 		168 KB
168 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kate-Middleton-and-Prince-Harry-watch-sail-boat-race.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
8b4d701920988ac424209a3d0a821ff0064b11d2119843eb4ec8d6ff6cde6096

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 08:44:53 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=184200
vary
Accept-Encoding
etag
"64f2f605-2cf88"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb9e4bd3-BUF
content-length
171535
Ivanka-Trump-Donald-Trump-Tiffany-Trump.jpg
www.shefinds.com/files/2023/09/ 		271 KB
272 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Ivanka-Trump-Donald-Trump-Tiffany-Trump.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6272c92a7b737f583b957b66da0613f8d5a32b9a11c8e267f66b0d668b9174df

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 09:28:15 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=292114
vary
Accept-Encoding
etag
"64f3002f-47512"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb9f4bd3-BUF
content-length
277783
Kroger-storefront.jpg
www.shefinds.com/files/2023/09/ 		252 KB
252 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kroger-storefront.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ae5ee4ad97328784ec6723a5407cea1e0e92ffbf5b6d97f28afccf2c99907f11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Thu, 31 Aug 2023 21:10:04 GMT
server
cloudflare
age
6915
x-powered-by
PleskLin
cf-polished
origSize=271022
vary
Accept-Encoding
etag
"64f101ac-422ae"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba04bd3-BUF
content-length
257840
happy-woman-sipping-a-beverage.jpeg
www.shefinds.com/files/2023/09/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/happy-woman-sipping-a-beverage.jpeg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
aee2712bbd80a81b6c5c4421c02058f44d665a919f38d6f1f0bd24aa31c6ca08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 01:23:14 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
status=not_needed
vary
Accept-Encoding
etag
"64f28e82-1e01f"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba14bd3-BUF
content-length
122911
womans-hairbrush-with-torn-out-hair.jpg
www.shefinds.com/files/2023/09/ 		179 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/womans-hairbrush-with-torn-out-hair.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9ed6b6f8ed31dd950c98bfa39a54aa8dd525f62c6f645f5897757c6be4a7ebde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 16:24:02 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=195800
vary
Accept-Encoding
etag
"64f361a2-2fcd8"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba24bd3-BUF
content-length
183432
Kate-Middleton-visits-the-Natural-History-Museum-to-see-the-Urban-Nature-Project-2021.jpg
www.shefinds.com/files/2023/09/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Kate-Middleton-visits-the-Natural-History-Museum-to-see-the-Urban-Nature-Project-2021.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2d85b97c203ab5342beba38df4178b3f694b9546f6162de1e69d31fd53dadfe8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 00:54:24 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=301325
vary
Accept-Encoding
etag
"64f287c0-4990d"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba34bd3-BUF
content-length
285346
breakfast-vegetables.jpg
www.shefinds.com/files/2022/03/ 		416 KB
416 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2022/03/breakfast-vegetables.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
57dfed3ccf81413db99d1a51d03334e8fc746b1abf0d07e909381cab1d720760

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Jun 2022 13:16:43 GMT
server
cloudflare
age
6915
x-powered-by
PleskLin
cf-polished
origSize=462117
vary
Accept-Encoding
etag
"62a9dbbb-70d25"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba44bd3-BUF
content-length
425825
channing-tatum-jenna-dewan-split.jpg
www.shefinds.com/files/2023/09/ 		255 KB
256 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/channing-tatum-jenna-dewan-split.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9144988e999168dfa6703f1716a7ce030b5803a87b24afa6f1a7d0e9c3a8c7b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sun, 03 Sep 2023 09:48:51 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=273688
vary
Accept-Encoding
etag
"64f45683-42d18"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba54bd3-BUF
content-length
261243
woman-pouring-coffee-from-a-small-pot.jpg
www.shefinds.com/files/2023/09/ 		147 KB
147 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/woman-pouring-coffee-from-a-small-pot.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
c5540ad32c424c09694068ccab650e3d5cc174efaf14a502427371de5a10bf63

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Wed, 30 Aug 2023 22:20:37 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=162550
vary
Accept-Encoding
etag
"64efc0b5-27af6"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba64bd3-BUF
content-length
150519
Gwyneth-Paltrow-striped-dress.jpg
www.shefinds.com/files/2023/09/ 		319 KB
320 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Gwyneth-Paltrow-striped-dress.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
e623d1366fbeecf1895178682ef93e48e35506d51b0babf424144b597f8a93ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Sep 2023 23:54:43 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=339941
vary
Accept-Encoding
etag
"64f279c3-52fe5"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba74bd3-BUF
content-length
326737
Selena-Gomez-at-season-2-premiere-of-Only-Murders-In-The-Building.jpg
www.shefinds.com/files/2023/09/ 		300 KB
300 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Selena-Gomez-at-season-2-premiere-of-Only-Murders-In-The-Building.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ddf050d4c054b44869858af8590f89e670a84b121e68b20d54975e20dc9aa259

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 19:03:46 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=319619
vary
Accept-Encoding
etag
"64f38712-4e083"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba84bd3-BUF
content-length
307104
Bread-aisle-in-Whole-Foods.jpg
www.shefinds.com/files/2023/09/ 		567 KB
568 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Bread-aisle-in-Whole-Foods.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
bcbbe2e154b5818e787be5f5098e03070aef90b6234ce15f3c91b0921b3d1488

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Sep 2023 23:29:56 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=600807
vary
Accept-Encoding
etag
"64f273f4-92ae7"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eba94bd3-BUF
content-length
580426
Jessica-Simpson-Los-Angeles-Beautycon-Festival.jpeg
www.shefinds.com/files/2023/09/ 		291 KB
291 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Jessica-Simpson-Los-Angeles-Beautycon-Festival.jpeg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
d3a5e645788e94d908ec426ba424c5a3b76cc657d2028afdddc25131a8518a31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Sep 2023 16:20:44 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
status=not_needed
vary
Accept-Encoding
etag
"64f20f5c-48aae"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebaa4bd3-BUF
content-length
297646
Wendys-Now-Serving-Breakdast.jpg
www.shefinds.com/files/2023/09/ 		236 KB
236 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Wendys-Now-Serving-Breakdast.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
547f9ba0a654be6b4075e82a87a6e848be8d0f2624ab13edfb47d23ae5b87bb9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 20:40:17 GMT
server
cloudflare
age
836
x-powered-by
PleskLin
cf-polished
origSize=257234
vary
Accept-Encoding
etag
"64f39db1-3ecd2"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebab4bd3-BUF
content-length
241536
Piers-Morgan-Prince-Harry.jpg
www.shefinds.com/files/2023/09/ 		235 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/09/Piers-Morgan-Prince-Harry.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
5d40a2e0403ee1096f5963fd1b1bdef47ef0f3501d68b2ac347b35bec753f615

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Fri, 01 Sep 2023 16:04:07 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=252482
vary
Accept-Encoding
etag
"64f20b77-3da42"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebac4bd3-BUF
content-length
240164
a-line-bob-haircut-1.jpg
www.shefinds.com/files/2023/07/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2023/07/a-line-bob-haircut-1.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ff0ae5d95d2b1b4117efd591c4407abd19165b6a906d1451e352e26c39ec4284

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Sat, 02 Sep 2023 18:09:32 GMT
server
cloudflare
x-powered-by
PleskLin
cf-polished
origSize=136185
vary
Accept-Encoding
etag
"64f37a5c-213f9"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebad4bd3-BUF
content-length
127583
lightbox_inline.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox_inline.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bea9774a7c2714797d8f83a8f4381ec099fc8a09464aa91c7568507c0d15e65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 22:03:24 GMT
content-md5
wPc9Z2CqzUpAOBQXevQ37w==
server
cloudflare
cf-polished
origSize=2379
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
d28f2ffd-801e-0018-70ef-3735a5000000
x-ms-version
2009-09-19
cf-ray
8012cf072a8c4bcf-BUF
basket.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		188 B
173 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/basket.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
96ef0a27fb2a76f331f10aee91d770a435b441bf158aa4f97d37e5dfc8c684ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
836
etag
W/"5d691a1c-bc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf06ab8b4bd3-BUF
lightbox.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/lightbox.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
age
836
etag
W/"5b55e0a6-13aa"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf06db8d4bd3-BUF
onejs
z-na.amazon-adsystem.com/widgets/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.161.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-161-188.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
Public
date
Mon, 04 Sep 2023 02:29:12 GMT
content-encoding
gzip
via
1.1 6379df80d5ecc173a4813b7bdfb4bbd4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
age
55
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
3Un-mzeRY6daLr1uA9p7f660OyCYNaECISFfIEGA-kTP7Z3a-7RpZg==
expires
Mon, 04 Sep 2023 02:34:12 GMT
shefinds-shefinds.js
widget.sellwild.com/shefinds/ 		79 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-108.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01dfcfe991ac2e4dffd53173f4668c3fb3df791900c35c633c06ed1f73f1ce44

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:09:05 GMT
content-encoding
gzip
via
1.1 fa2a1404411f25eb7c3c4def0c2864e6.cloudfront.net (CloudFront)
last-modified
Tue, 21 Mar 2023 06:21:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
15663
etag
W/"9a3ac0f83e15e5f11c7e9ee7cfba83a6"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1209600,public
x-amz-cf-id
8DRfJgI4gtzP3PeeeTcNc1lGC7ot2MtrzTi9djgOF-5vnVocttrLsQ==
main.d.js
bc.marfeelcache.com/www.shefinds.com/ 		13 B
439 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
92d3eff0096e4c7695bcbb9e2a3a71cc
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1691374075650
x-mrs-age
0
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy2, cache-yul12833-YUL, cache-yyz4537-YYZ
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693794607.181976,VS0,VE0
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
f-93N69IfsfrrlJqxBLTbzO8DEpb3NsDhrBovGhkz7mN64GItv3K5Q==
x-cache-hits
588, 2
resolve
people.api.boomtrain.com/identify/ 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
resolve
people.api.boomtrain.com/identify/ 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c734be56350bcd36f0880348780dce06a229945e160eee14c6c7b10ff857333a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 02:30:07 GMT
content-md5
kZ7zycZ+uN4mK7oDx0A74A==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
x-fb-debug
BgBagXbmNexznSyREztqSKCyDY/YOacAwQojrj5mbz2Je+88fcvkyRz3CffrhIUkyWJUcQvVlykFyIlirR/63w==
x-fb-content-md5
00b88f1c06817ec7e5e95a0f27e64469
cross-origin-opener-policy
same-origin-allow-popups
etag
"20036f246dd846254d5946d4f0650b08"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:41:52 GMT
fbevents.js
connect.facebook.net/en_US/ 		193 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Sep 2023 02:30:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
Cdzq6PKH1EBooWQWlnmeHe/tivmhokwnT4BTP9ms7PvTXcyf3luCqUfvTNriPZQfPcFJSaWqwWSnLAJ6mARJEQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
shefindsmedia-lifestyle_tag.js
d3ezl4ajpp2zy8.cloudfront.net/ 		0
0
shefinds.js
static.bam-x.com/tags/ 		152 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.bam-x.com/tags/shefinds.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-24.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d4dd9dbc6099790b3a3807c15f4ef9b8e71cab2a4a646e256b47248a8c430d09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 01:57:09 GMT
Content-Encoding
gzip
Via
1.1 2f276f8b7ce92ba7a0844268d20c32ba.cloudfront.net (CloudFront)
Last-Modified
Thu, 01 Sep 2022 16:42:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
1979
ETag
W/"eb4fce974f8ba34fb9a68d7736fa02d6"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
PBPCKU7gnvhsgVHdxXYgQ1Puc6e5kkRhHp658TFaARZ4b1iqoyOrEQ==
hotjar-368258.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-368258.js?sv=5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
5133617faf32194dd8180886b64c7f1d0fd817be96d0f51a99c063f9e5648971
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 02:30:05 GMT
via
1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
2
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/5952ab8012b1d8a7d480e4c6cab606d1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
H7_Cb-OU-eaxNsaRzOgx0_o_3vP_yCOVjORncO1KAJDChwOE8CcidA==
116504.ct.js
intljs.rmtag.com/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://intljs.rmtag.com/116504.ct.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.147.248 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
248.147.102.34.bc.googleusercontent.com
Software
/
Resource Hash
a31aac92e848f9f6d600904d8fc8206d2857e8baa563564f8d75d4d8c2b9a28d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 04 Sep 2023 02:30:07 GMT
x-cache
hit
x-samesite
secure
content-type
text/javascript
cache-control
max-age=86400
x-dyn
0
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
analytics-1.5.12.min.js
cdn.keywee.co/dist/
Redirect Chain
  • https://cdn.keywee.co/dist/analytics.min.js
  • https://cdn.keywee.co/dist/analytics-1.5.12.min.js
22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2600:9000:2209:5800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 05:22:21 GMT
content-encoding
gzip
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified
Mon, 28 Dec 2020 09:55:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
255181
etag
W/"13a05c433850fad0455e2ee1a1707eb0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=259200,public
x-amz-cf-id
pP1GqIGw4WZXXwi9GCI-OLWptq9mO9cDr03oP8-RKVqVSvg3ypkUmg==

Redirect headers

date
Mon, 04 Sep 2023 02:29:49 GMT
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
19
x-cache
Hit from cloudfront
location
/dist/analytics-1.5.12.min.js
content-length
0
x-amz-cf-id
TKnXK4LYKm8m8kDrH-XXLhA4DOWqlz5uZwSK9PNmgeasFWxiovasbg==
/
www.shefinds.com/iframe-modal/ Frame 5AC1 		19 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/iframe-modal/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.28 PleskLin
Resource Hash
3bfc733aad4edd0f1eab235dac99bf8d8b4edb54465d830ae8f94b0b4c0e6569

Request headers

Referer
https://www.shefinds.com/collections/walmart-packaging-change/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=31, public
cf-cache-status
DYNAMIC
cf-ray
8012cf06eb8e4bd3-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:07 GMT
expires
Mon, 04 Sep 2023 02:30:36 GMT
last-modified
Mon, 04 Sep 2023 01:30:36 GMT
link
<https://www.shefinds.com/wp-json/>; rel="https://api.w.org/" <https://www.shefinds.com/wp-json/wp/v2/pages/710110>; rel="alternate"; type="application/json" <https://www.shefinds.com/?p=710110>; rel=shortlink
pragma
public
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.3.28 PleskLin
shefinds_blackhorizontal.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/shefinds_blackhorizontal.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
42d3eb7d373afb36dd72a7e4aefba98de82fc8706fccc34f42810c2c0760ea2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=34331
x-powered-by
PleskLin
content-disposition
inline; filename="shefinds_blackhorizontal.webp"
content-length
9764
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-861b"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebae4bd3-BUF
new-search.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		270 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/new-search.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a5dabed54019cdc6c9853772ab679ba81d4e1d4e560d7dbe585d0cb5d77b2548

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=442
x-powered-by
PleskLin
content-disposition
inline; filename="new-search.webp"
content-length
270
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-1ba"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebaf4bd3-BUF
blank.gif
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		43 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/blank.gif
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
836
x-powered-by
PleskLin
cf-polished
origSize=49, status=webp_bigger
vary
Accept-Encoding
etag
"5a6e6d28-31"
content-type
image/gif
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebb04bd3-BUF
content-length
43
socail-sprite-2.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/socail-sprite-2.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
6dacad7a02574323e64231bdb477b99dbac3bfafe28be370fb3d2e9fb2650b9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=7177
x-powered-by
PleskLin
content-disposition
inline; filename="socail-sprite-2.webp"
content-length
4754
cf-bgj
imgq:100,h2pri
last-modified
Wed, 06 May 2020 07:07:53 GMT
server
cloudflare
etag
"5eb26249-1c09"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06ebb14bd3-BUF
HelveticaNeue-Medium.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_medium/HelveticaNeue-Medium.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
836
etag
"5a6e6d28-50b0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb8f4bd3-BUF
content-length
20656
HelveticaNeue.woff2
www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/fonts/helvetica_neue/HelveticaNeue.woff2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28

Request headers

Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
age
836
etag
"5a6e6d28-47e8"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
font/woff2
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf06eb904bd3-BUF
content-length
18408
c4d_vdef_emp_28e5.woff2
fastly-cloud.typenetwork.com/projects/2101/ 		69 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fastly-cloud.typenetwork.com/projects/2101/c4d_vdef_emp_28e5.woff2?ddc0ee1b29f22d0bf691ca97fc73962a4cad3c8e
Requested by
Host: cloud.typenetwork.com
URL: https://cloud.typenetwork.com/projects/2101/fontface.css/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecdfa400855d3a2942065b7b7036b020e66d61547a26465637598a2078d46612
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Referer
https://cloud.typenetwork.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
x-amz-request-id
tx000000000000018ab1014-0064ee1209-7627e914-nyc3c
age
257
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
x-amz-meta-surrogate-control
max-age=604800
content-length
70756
x-served-by
cache-yyz4573-YYZ
last-modified
Thu, 06 Apr 2023 15:46:23 GMT
x-timer
S1693794607.239034,VS0,VE3
x-amz-meta-tn-allowed-domains
http://shefinds.ctpusdev.com
etag
"fea67774edcbfec9e421db7375ae16ab"
x-amz-meta-surrogate-keys
style-3149 family-371 project-2101 projectlicense-10469
x-hw
1693323785.cdn4-pxy201-yyz02.tr2.evs,1693323785.cds213.tr2.p
content-type
font/woff2
access-control-max-age
0
access-control-allow-methods
GET
cache-control
max-age=600
x-rgw-object-type
Normal
x-amz-meta-tn-plw-id
10469
accept-ranges
bytes
access-control-allow-origin
*
x-cache-hits
1
vglnk.js
cdn.viglink.com/api/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viglink.com/api/vglnk.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-110.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 05:06:32 GMT
content-encoding
gzip
via
1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 15:14:05 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
163416
etag
"6c8a8d538bfaf5e3eee3cfe467f261a5"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28925
x-amz-cf-id
3btEelOxR-tfeYWLV0Sl2uE-vdtGr_MgvVq7kca9-Ih5cA6ic5_3Qg==
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 11 Sep 2023 02:30:07 GMT
faithgeiger-1.jpg
www.shefinds.com/files/2022/04/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/files/2022/04/faithgeiger-1.jpg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
92c64e3a90df6fdc1a33494595991d91442c4d5a5513acd0300598f7a7ed6da0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/collections/walmart-packaging-change/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
last-modified
Mon, 11 Apr 2022 01:41:48 GMT
server
cloudflare
age
663
x-powered-by
PleskLin
cf-polished
origSize=157994, status=webp_bigger
vary
Accept-Encoding
etag
"6253875c-2692a"
content-type
image/jpeg
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf070bb44bd3-BUF
content-length
156469
social-bio.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/social-bio.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
ccdcac49567850ffd4891e52abf3a4a04a2620267f9b0f4cee113506e0d2a733

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=3921
x-powered-by
PleskLin
content-disposition
inline; filename="social-bio.webp"
content-length
2314
cf-bgj
imgq:100,h2pri
last-modified
Tue, 12 Feb 2019 07:25:45 GMT
server
cloudflare
etag
"5c6274f9-f51"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf070bb54bd3-BUF
footer-btn-img.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ 		258 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/footer-btn-img.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=713
x-powered-by
PleskLin
content-disposition
inline; filename="footer-btn-img.webp"
content-length
258
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-2c9"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf070bb64bd3-BUF
S6uyw4BMUTPHjx4wWw.ttf
fonts.gstatic.com/s/lato/v23/ 		59 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wWw.ttf
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 20:31:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
367112
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30418
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 20:31:35 GMT
lightbox.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ Frame 9FCD 		501 B
394 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1693794607317&lv=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3aa3256462b40af19c58827e24c72b610f3cd96c5cce93c8b9f59f856b59ac00

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 04 Sep 2023 02:25:51 GMT
server
cloudflare
cf-polished
origSize=510
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
cf-ray
8012cf07fa9e4bcf-BUF
/
embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/ Frame C598 		237 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cf2aaa369ca227b39d336ab2509813b13b3348f298caa7bff934734cdb0ab5fe
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors *;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-Z/1qgBasEBAGPEwReLKg0w==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, s-maxage=1, max-age=1, must-revalidate
content-encoding
gzip
content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors *;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-Z/1qgBasEBAGPEwReLKg0w==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
content-security-policy-report-only
object-src 'none';script-src 'nonce-Z/1qgBasEBAGPEwReLKg0w==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors *;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:07 GMT
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
server
snooserv
vary
Accept-Encoding,accept-language
via
1.1 varnish
x-is-wrs
false
active_selectors
onsite.boomtrain.net/ 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.15.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-15-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
54e8be2d-bfa8-4730-8ff8-80f2ce79f028
X-Runtime
0.002667
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 23:59:55 GMT
Via
1.1 d07915e7a5c22513f7a2f462a7421cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
9012
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
y2BMVEs6WWb0az5GGnUoJTld1U7_yDaAWx6vF8gN7iK9Cg3VXiSMbg==
Expires
Mon, 04 Sep 2023 23:59:55 GMT
css2
fonts.googleapis.com/ 		2 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0cbdd3671a78c4febdb7524d99510f3b4d3b74c18a5feef64654b17eec6349ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 02:11:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Sep 2023 02:30:07 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa99ee97df312a9d639815ab67e8d26a623f69a2b29c440ff10d54ac38997243
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29096
x-xss-protection
0
server
cafe
etag
228 / 19604 / 31077576 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:07 GMT
prebid7_20_0_v1.js
cache.sellwild.com/ 		274 KB
275 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cache.sellwild.com/prebid7_20_0_v1.js
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-122.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
016209754f5b92f7cce3c66c0035d8fcf48b11d08881319155a3476824a1582d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 14:59:57 GMT
via
1.1 f78e2a2d083c0945ee670c9d5d179e9e.cloudfront.net (CloudFront)
last-modified
Tue, 18 Oct 2022 05:29:04 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
41411
x-amz-server-side-encryption
AES256
etag
"f38fca0a8b9721b52d104e88cc9638f1"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
281065
x-amz-cf-id
QTvUF773fRaWF1pFtkzPGpDOTExYSdyJ18NPLMM9apqPVH-4n0dveQ==
359
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b88213f964fc3893edafa902b83e9253ddeb1650ce0ebb93f898aca29f9f694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Mon, 04 Sep 2023 02:30:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
8012cf0b1ff14bc9-BUF
listings-img-data-sm-shefinds
cache.sellwild.com/ 		189 KB
142 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cache.sellwild.com/listings-img-data-sm-shefinds
Requested by
Host: widget.sellwild.com
URL: https://widget.sellwild.com/shefinds/shefinds-shefinds.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-122.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99308cdfd8830639bdfc6e8d44e2a0b5a34bd814fc2b60e18aeb5591dbb727bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:51:44 GMT
content-encoding
gzip
via
1.1 b8508a82603ebd452aecb2900fb8eef0.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
age
2304
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
145198
last-modified
Mon, 04 Sep 2023 01:50:58 GMT
server
AmazonS3
etag
"7e21fd09e010a085848647b3b71bd2e2"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
30_oYoxpfib58E5Mpfti82uVFrO2OUBIXih1BvowZ3UVP2a7lMsbjQ==
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ 		1 KB
827 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794607.443706,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
160
optoutstatus.html
ads.shemedia.com/static/ Frame ABFD 		748 B
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1784
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:07 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
168
x-served-by
cache-yyz4583-YYZ
x-timer
S1693794608.519964,VS0,VE0
gardac-sync.js
bc.marfeelcache.com/statics/marfeel/ Frame 5AC1 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
via
1.1 fdced9a893123e4285bf6f674dce492c.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
3e7cbf86097949faa3535dc3a453c543
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1692691662240
content-disposition
inline;filename=f.txt
x-b3-traceid-primal
a1e2876539d349d99eb8fa4459fa0632
x-mrs-age
2281
content-length
3764
x-mshield-cache-status
HIT
x-served-by
mshield-b-02, haproxy1, cache-yul12834-YUL, cache-yyz4537-YYZ
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693794608.505949,VS0,VE0
etag
W/"08e1729697a60cc7f930ece0a1a11fb0e"
x-mrf-shard
all
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86401
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
7Qn3r6by1R0kqtk5U8Oz0Z43TKvuw1DkaJlh1hbLqSz1R3j5LAKcrg==
x-cache-hits
243, 2
animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/ Frame 5AC1 		52 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
324577
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3279
last-modified
Thu, 22 Jun 2023 10:45:16 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494263c-ccf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpBEsLZucZ8zJHF0q7%2B1qOpOR%2B1PtyNuz5BsopztyBQwb2U0xsBTWQq7xE9h0frO1O8ja0ZqKLKuqAGx5z7EhrFkUU6WYgAmgGwIDghhFjInUTfIq7U%2B691fXjMylGRs1vmOn7yW9VJtq4xs6Min6hSU"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012cf08e9764bc7-BUF
expires
Sat, 24 Aug 2024 02:30:07 GMT
/
cloud.typenetwork.com/projects/2101/fontface.css/ Frame 5AC1 		730 B
799 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cloud.typenetwork.com/projects/2101/fontface.css/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
x-amz-request-id
tx00000000000002a618f9c-0064f48549-76252ea8-nyc3c
age
479
x-envoy-upstream-healthchecked-cluster
x-cache
HIT
content-length
730
x-served-by
cache-yyz4548-YYZ
last-modified
Sat, 24 Dec 2022 16:17:08 GMT
x-timer
S1693794608.508036,VS0,VE0
etag
"228cb88d245a31343060024e93e4d9ad"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
x-hw
1693746505.cdn4-pxy211-yyz02.tr2.evs,1693746505.cds218.tr2.pr
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600
x-rgw-object-type
Normal
accept-ranges
bytes
x-cache-hits
2
style.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame 5AC1 		115 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/style.min.css?ver=1.0.40
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 09:05:45 GMT
server
cloudflare
age
837
etag
W/"63871ce9-1ca0c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc04bd3-BUF
mobile.min.css
www.shefinds.com/wp-content/themes/shefinds_14/ Frame 5AC1 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/mobile.min.css?ver=1.1.46
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 04 May 2018 07:13:47 GMT
server
cloudflare
age
837
etag
W/"5aec082b-4a96"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc14bd3-BUF
home-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 5AC1 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/home-new.min.css?ver=1.0.32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
837
etag
W/"63e1ec80-496c"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc24bd3-BUF
single-new.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 5AC1 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/single-new.min.css?ver=1.0.35
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
837
etag
W/"63e1ec80-8143"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc34bd3-BUF
sbi-styles.min.css
www.shefinds.com/wp-content/plugins/instagram-feed/css/ Frame 5AC1 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=2.9.3.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 03 Sep 2021 09:13:18 GMT
server
cloudflare
age
837
etag
W/"6131e72e-41b7"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc44bd3-BUF
style.min.css
www.shefinds.com/wp-includes/css/dist/block-library/ Frame 5AC1 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-includes/css/dist/block-library/style.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Aug 2023 15:21:24 GMT
server
cloudflare
age
837
etag
W/"64e4d274-19824"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc54bd3-BUF
ccb-frontend.min.css
www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ Frame 5AC1 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/custom-content-builder/styles/ccb-frontend.min.css?ver=1.0.7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 07 Feb 2023 06:15:28 GMT
server
cloudflare
age
837
etag
W/"63e1ec80-42d0"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc64bd3-BUF
page.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 5AC1 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/page.min.css?ver=debd74e6c3054f5f7592e78bb546766f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 12 Feb 2019 07:25:45 GMT
server
cloudflare
age
836
etag
W/"5c6274f9-14fc"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc74bd3-BUF
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ Frame 5AC1 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 11:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
401378
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 11:00:29 GMT
global_combined.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 5AC1 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/global_combined.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 22 Mar 2022 11:41:53 GMT
server
cloudflare
age
837
etag
W/"6239b601-7c40"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf08ebc94bd3-BUF
analyticstrain.min.js
cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/ Frame 5AC1 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-49.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 7ae870cd25f69f522a5d075cc08767f0.cloudfront.net (CloudFront)
Date
Mon, 04 Sep 2023 01:52:26 GMT
X-Amz-Cf-Pop
EWR50-C1
Age
2262
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 22 Jul 2020 23:39:36 GMT
Server
AmazonS3
ETag
W/"0e107974c7663dc3d598a29c1079881d"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=3600
X-Amz-Cf-Id
T61rkv8vBfF7effattWFv9Ksv_KYm3BV4lcKnZ9CzG5NpZtV_lC9CQ==
main.min.css
www.shefinds.com/wp-content/themes/shefinds_14/css/ Frame 5AC1 		53 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/css/main.min.css?ver=1.0.1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 30 Aug 2019 12:44:12 GMT
server
cloudflare
age
836
etag
W/"5d691a1c-d43e"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=5356800
cf-ray
8012cf08ebc84bd3-BUF
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ Frame 5AC1 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
603, 617, 617, 617, 617
age
3390973
cdn-cachedat
2021-06-08 11:00:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
68ed376e32c5cd61208c3e2716560319
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
8012cf08ecea4bcc-BUF
cdn-requestpullsuccess
True
mail-ic-modal.png
www.shefinds.com/wp-content/themes/shefinds_14/img/ Frame 5AC1 		426 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/img/mail-ic-modal.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
2e7df51881edd22359b6e09b60d052c2216ce4e44b62889b49eff28f84004176

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
cf-cache-status
HIT
age
836
cf-polished
origFmt=png, origSize=1067
x-powered-by
PleskLin
content-disposition
inline; filename="mail-ic-modal.webp"
content-length
426
cf-bgj
imgq:100,h2pri
last-modified
Mon, 29 Jan 2018 00:39:04 GMT
server
cloudflare
etag
"5a6e6d28-42b"
vary
Accept
content-type
image/webp
cache-control
max-age=5356800
accept-ranges
bytes
cf-ray
8012cf0babd64bd3-BUF
page.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 5AC1 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/page.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 11 May 2018 12:37:25 GMT
server
cloudflare
age
836
etag
W/"5af58e85-1285"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf0b5bd24bd3-BUF
lightbox.min.js
www.shefinds.com/wp-content/themes/shefinds_14/js/min/ Frame 5AC1 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.shefinds.com/wp-content/themes/shefinds_14/js/min/lightbox.min.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4f8f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PleskLin
Resource Hash
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/iframe-modal/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Jul 2018 14:05:26 GMT
server
cloudflare
age
836
etag
W/"5b55e0a6-13aa"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=5356800
cf-ray
8012cf0b5bd34bd3-BUF
p.js
cdn.parsely.com/keys/shefinds.com/ Frame 5AC1 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js?ver=1.0.5
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56792
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
dJ6yGD_1JvBZrUfjXoXPoGomv28jS1EmtoGMu6KgSIuV-fj28iexvQ==
expires
Mon, 04 Sep 2023 10:43:36 GMT
onejs
z-na.amazon-adsystem.com/widgets/ Frame 5AC1 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.161.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-161-188.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
Public
date
Mon, 04 Sep 2023 02:29:12 GMT
content-encoding
gzip
via
1.1 6379df80d5ecc173a4813b7bdfb4bbd4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
age
55
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
charset
UTF-8
cache-control
public,max-age=300,s-maxage=300,no-transform
content-length
7388
x-amz-cf-id
0IiqjC3ImIUZqtbL-NCaGQdr7reCSnI3Gjuenuh9zsr-Fv31awHOfw==
expires
Mon, 04 Sep 2023 02:34:12 GMT
shell-ae7ab5d1.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		562 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/shell-ae7ab5d1.js
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
3c7b9c3a1cda5503ddae090590a36523802c86e8b957fe19cb5a8b8853efa04f

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
145994
last-modified
Thu, 31 Aug 2023 22:08:53 GMT
server
snooserv
etag
"ed5df9b8cc393ef15ed441190390164a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
embed-comment-client-js-7795574e.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		296 B
1017 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
075fad8dc99e36afadd5165463e68ef1539acf1f4922ba1318e0018c9f0aa3f1

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
209
last-modified
Thu, 31 Aug 2023 22:08:47 GMT
server
snooserv
etag
"5f6f089159ec2136e61d0e8be216ae42"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
avatar_default_3.png
www.redditstatic.com/avatars/defaults/v2/ Frame C598 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.redditstatic.com/avatars/defaults/v2/avatar_default_3.png
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
86ab1b9968456d72e1b3a6bd54ab3d1d92a1cbab8082a17c82da95a81512236c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.reddit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 09 Sep 2021 14:41:22 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"9b921e072c38823f5c2df1b29eb34406"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/png
accept-ranges
bytes
content-length
7823
expires
Thu, 31 Dec 2037 23:59:59 GMT
collect
www.google-analytics.com/g/ 		0
163 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je38u0&_p=373171656&cid=1789139906.1693794608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693794607&sct=1&seg=0&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&dt=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
fonts.gstatic.com/s/lora/v32/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v32/0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dc5059b2f1e55a338bc7085341ae5511b80c51847ff92244a2782a7c5b7417c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 00:54:40 GMT
x-content-type-options
nosniff
age
178527
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19996
x-xss-protection
0
last-modified
Tue, 21 Feb 2023 21:45:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 00:54:40 GMT
main.d.js
bc.marfeelcache.com/www.shefinds.com/ Frame 5AC1 		13 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bc.marfeelcache.com/www.shefinds.com/main.d.js
Requested by
Host: bc.marfeelcache.com
URL: https://bc.marfeelcache.com/statics/marfeel/gardac-sync.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.207 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront), 1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
x-b3-traceid
0cb440d8211043dbb341351aebc2adc1
x-amz-cf-pop
YUL62-C2
x-mrs-cache
HIT
x-cache
Miss from cloudfront, HIT, HIT
mrf-cache-status
H-HH
x-mrf-rendered
1691374075650
x-mrs-age
0
x-b3-traceid-primal
8de5c08e3cbc47ffa5e4a40f89594c18
content-length
13
x-mshield-cache-status
HIT
x-served-by
mshield-b-01, haproxy2, cache-yul12833-YUL, cache-yyz4537-YYZ
x-mrf-type
UNKNOWN
server
nginx
x-timer
S1693794608.949372,VS0,VE0
etag
"067e866c735744ec6037b77b623ee022d"
x-mrf-shard
0
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin, Date
cache-control
public, max-age=61
x-mrs-cache-hits
1
accept-ranges
bytes
access-control-allow-headers
x-requested-with
x-amz-cf-id
f-93N69IfsfrrlJqxBLTbzO8DEpb3NsDhrBovGhkz7mN64GItv3K5Q==
x-cache-hits
588, 3
user.js
www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/ Frame 9FCD 		685 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/lightbox.js?mb=1693794607317&lv=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afa29609b287f240f3f088c61fca96d33d832fafac704937026907d364fa42b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
jzf/Fndh304iwtGvmDt7HA==
age
326761
cf-polished
origSize=1155627
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Mon, 14 Mar 2022 22:03:25 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
da468fd7-301e-0023-0337-bc77fb000000
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
cf-ray
8012cf0a3ae64bcf-BUF
expires
Tue, 03 Sep 2024 02:30:07 GMT
sdk.js
connect.facebook.net/en_US/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=4ae9904d1b36dd0eb78f9d8beceb439a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
01e2fc168672d90e95d8d783474efc1c422d939f910999d2acb8f39a2ebd1f6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 02:30:07 GMT
content-md5
6zhtJXYZGlpsQO41tJzBHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88940
x-fb-debug
hFUrugVCY2nWUzvJu58JZn2MfJCng6bVMtk+fRYZGQ5VCn8nYKhpu/UMGT3sEzciWqzuhc9+LCg/MD2EBTFtVw==
x-fb-content-md5
17bdbf72396054b9ec81e2e7c250a41c
cross-origin-opener-policy
same-origin-allow-popups
etag
"8774987564f67202d5021246a767a9d2"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 03 Sep 2024 01:17:52 GMT
getad
aax-us-east.amazon-adsystem.com/x/ 		50 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-fbf22f81-b8a4-4c31-8f5a-0666feac8e37%22%2C%22tracking_id%22%3A%22shefinds-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22shefinds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K2W83WGR8DEPE95HWRD7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
events
direct-events-collector.spot.im/api/v2/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 534f7e815b25f5cd40ef32ea39fc9a8c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-amz-cf-id
fXdzcscE2Dq4TGTETOnjq2AM3XM3r_RIx4Gde981qzt1KIVpXs7c_w==
x-cache
Miss from cloudfront
386-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15a9f49cc3a39df9a27bdaa93d86169a965bb6fb33657ead545c60213e72805a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:22 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
NzEuJEz3_y606Vc4UxYd49oLFDxVY2Mk
x-amz-cf-pop
JFK52-P1
age
1250146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
20181
last-modified
Sun, 20 Aug 2023 13:47:36 GMT
server
AmazonS3
etag
"186a7e4d75bd7f354c4ddafa2445e787"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
6v-l8zbooIJGALhI9WGBRgBeGfAxk3zVP4COTku5cvs832oXcRIyIg==
808-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		99 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b5790fdc520dc762e02c4acb1cd1fd5678c507e6ebdaee84081c4f65f692da08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:22 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
NgdeO8melDELPloUrMKMsj2ND8fJiZ8Q
x-amz-cf-pop
JFK52-P1
age
1250146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
28301
last-modified
Sun, 20 Aug 2023 13:47:36 GMT
server
AmazonS3
etag
"1de70b6dd4a89ff61d872dcba5dff1e6"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ebYCbj1zYaJ88ArfCzzxZ0GmdEDO8Mt5-TizGutdgtN4Y2BriUlLjw==
425-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/425-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5588986dd8073373970c935b707aad8159304299a5d90aca6c0d1e60c3d03910

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:22 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
I0w7CiGbRCPRg0X4PhY1QgusaGD8hyII
x-amz-cf-pop
JFK52-P1
age
1250146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3234
last-modified
Sun, 20 Aug 2023 13:47:36 GMT
server
AmazonS3
etag
"b140dc6ca3ed49181ff8df7aae961982"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2esOveC7zRVwNlSM8BYx5EMya34aSuIw3edWdkYeofdInFaeMbAUIQ==
initial-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b3454bd963eb317834cfca823fd0d6ebfb59bfebf5479dba40d4706b12248cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:22 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
eAjZ0ErqRURbRE84tr2rQB9KyGjIBiCy
x-amz-cf-pop
JFK52-P1
age
1250146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
8892
last-modified
Sun, 20 Aug 2023 13:47:37 GMT
server
AmazonS3
etag
"68ca9adb98dfcde94a759d1dc439c738"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yyahEoMffIV5qSL9XMz-S1jr43DEiLrUlV-fpeweudT_dImJ8TfAmg==
pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-90.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 04:19:34 GMT
via
1.1 f1742871ff3f5482a0c79a4d483d78a8.cloudfront.net (CloudFront)
last-modified
Wed, 12 Aug 2020 13:25:53 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
79834
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
0
x-amz-cf-id
w1vMkoyzDuSW_C68oIbqtBtHOkejkY0g8XWooFaTbW5kY97KBqPdgA==
903-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		168 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/903-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ceca202d09a5ef57f3134fe038d485e08ce70371bffadd01e88a43b880fb29b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:22 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
KmFRcN0Jl8VnU4FpmN7b5KjytOxCz4.x
x-amz-cf-pop
JFK52-P1
age
1250146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
47407
last-modified
Sun, 20 Aug 2023 13:47:36 GMT
server
AmazonS3
etag
"9ca00fe3e2932d2f00f1570fcfb446fa"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
eov3NJr6YQ8p_gBfdSLXuHXIPpoXQY27yHSoWU1Ph5YzOQf1U-XkgQ==
shell-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		93 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/shell-bundle.js
Requested by
Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
78ccef7522f7baf479156fb561dba9d46ada560dd2c6345e207052c139fb1000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:22 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
puGtJQ.81_L5dZL1QTu5uDNwurA7.Fer
x-amz-cf-pop
JFK52-P1
age
1250146
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
21002
last-modified
Sun, 20 Aug 2023 13:47:37 GMT
server
AmazonS3
etag
"91ee670d9bd1ddb6d5833a1068633b89"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JbNlx4ruqahaSQmcAm7jks7E2W7uCIj3sRMF71x-IWz8yAyuqFbMvg==
1230911863589528
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1230911863589528?v=2.9.125&r=stable&domain=www.shefinds.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
441dde5d96e5a37321d12aa21210935637f2203b34bbf6e67cf1646bf7154d91
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Sep 2023 02:30:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35898
x-xss-protection
0
pragma
public
x-fb-debug
Sj8PWFOUcEFIwlLp1nmtNoDAlvj6mayvTANZRNwsjFucyZ4mKf3jjSZU7jqkpcIr9NJNAqwVlsEcVctfOtDscQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
oPS.js
d15kdpgjg3unno.cloudfront.net/ 		113 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=21
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:d400:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81913b559dbc7f44bbc3f0ec1a8cfffeab10d3cda1b4cd1557cb13d9e10caa8b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
qPXcNmivasAFz6LSWE9bjZI38RuLgKul
content-encoding
gzip
via
1.1 45abe1833dce03139cbfcdfadefbc17a.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 17:15:56 GMT
last-modified
Thu, 31 Aug 2023 18:45:51 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
33253
x-amz-server-side-encryption
AES256
etag
W/"3ffc3b294fddf6c75b65dea6f791dda8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=84600
x-amz-cf-id
JjoPPq2iQwxGQlnh_Iv_BFTlinGdMD5_Wu8g9Qaui6HU8cMjlmh83A==
op.js
tagan.adlightning.com/sheknows/ 		63 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/op.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd9f1e240cea795fe86e179300d6d718de0370f0137c3e69250bb2ecb0bcdeee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:08:38 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
6f0g93mpOxekkHH0Wk_FTaXmVPc8Tmap
x-amz-cf-pop
EWR53-C3
age
1291
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
25809
x-amz-meta-git_commit
e09f10f
last-modified
Fri, 01 Sep 2023 17:32:13 GMT
server
AmazonS3
etag
"ec7c63dd32f134f36cd216b60779ae74"
content-type
application/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
3-_SEjNEWfGs44v1dustjH7Oe4Of3ZrzkXgDhNiSp2RTqDO_YPEmYg==
vendors~ads-injector~selector-helper.79748963afc38bc65c66.js
ads.blogherads.com/static/chunks/ 		20 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~ads-injector~selector-helper.79748963afc38bc65c66.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26fead6d02f439d69fe920268e7ece8f64a2be8d2b3fb63b918ed113ff45f53f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BD9MFWY2PHMAVQ4
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
QXDq84DD98MZVeK49iiIgysOnapbBrXF7Pm2NEQid85SLefJd3EEHgvGQ/uoXC9PrHf6BdFfSso=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794608.826289,VS0,VE0
etag
W/"251e72743a1b9a653810187ebb707f06"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
97
ads-injector.dbcf91f7702754857573.js
ads.blogherads.com/static/chunks/ 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/ads-injector.dbcf91f7702754857573.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
64348713a5cbbbb38447fa1ad62017595c6f63af8e23921ab5d60d51fd776fd2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BD3T0JHYRWJ4P89
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
2pWX0tIHu3w7QNbB6NSoRJrD4v9temiPVMk0y56yqaN1qS9o2Vz9/7mKPbDa/0tHA3yKJfLMyNE=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.826735,VS0,VE0
etag
W/"2d1a5b0ef20b24289aded218fe8683c1"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
98
apstag.js
ads.blogherads.com/static/cached/ 		248 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/cached/apstag.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5HXY0SED5BEPCX
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
2nvPuC8/o99Dv8VrntchGhGzg9sMHNlZXHAxJ6ZPW15a0rfWsLYB47fQjTTsBSJzbfBBlChwnR0=
x-served-by
cache-yyz4553-YYZ
last-modified
Wed, 30 Aug 2023 18:07:16 GMT
x-timer
S1693794608.847133,VS0,VE0
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
6
iasPET.1.js
cdn.adsafeprotected.com/ 		22 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-71.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 00:15:55 GMT
Via
1.1 e8db4dc8ef769d3c7efb983afe130bca.cloudfront.net (CloudFront)
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P8
Age
8054
ETag
"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22521
X-Amz-Cf-Id
WvpsfiwpuWuNFEVgtat5AcpjshuGqN9GuPZ0AJOAhzotLh-dXFmWyg==
183734-166492037162020.js
js-sec.indexww.com/ht/p/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
964
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf0ccfaf39e3-YYZ
expires
Mon, 04 Sep 2023 06:30:08 GMT
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794608.848312,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
158
vendors~boomerang-prebid-integration.f5db4c18f4e75ee55e59.js
ads.blogherads.com/static/chunks/ 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~boomerang-prebid-integration.f5db4c18f4e75ee55e59.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
06cb254f45f6bbe566d606cb45e0d8e1b6fa09dd2d9683a4e4bb4fda973fb91a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BD48CQKBZ0VM1MV
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcIg8Ymw/uFgbn1/ojl2RutmrI0tNj9E5X5bQMCyKq/bZRqUusC/I617djnMjSYTz/1yxFAy6YQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794608.848809,VS0,VE0
etag
W/"667087ce8ad9a23103428e1f4add3eb0"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
141
boomerang-prebid-integration.26a1f9556d07016fd9a2.js
ads.blogherads.com/static/chunks/ 		31 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/boomerang-prebid-integration.26a1f9556d07016fd9a2.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c00c6942c532aecc86522db81f50d1f97eec1effa481e2517090f6f34627038

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BDBNB9VD2KAAYMY
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
K+0GHGpbo67nR/gh5BhVM0g9WjHWxnjigUoAqNUg6hfJPxnRZ0HDROXkFZHBeCavEhIysqlmZwU=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794608.849380,VS0,VE0
etag
W/"2d547b37c260763e113cbc769f9ff4e8"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
139
rh.min.js
cdn.rhombusads.com/js/ 		287 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rhombusads.com/js/rh.min.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:d000:1b:9b08:7f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e682cb3815f258c7b53e5d8a70696c3c6296db1b37a04a9718052195063bfa16

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:20:11 GMT
content-encoding
gzip
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
last-modified
Thu, 31 Aug 2023 22:29:50 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C3
age
598
x-amz-server-side-encryption
AES256
etag
W/"3035b95971cbcf97b7643a872796db1f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
VN73FyZxnWZZ0MMYUPHUYzI2AUoQ_KrY-szTJBkubzx8xWilX2rICw==
SMC_comScore_175x32_2x_Lifestyle.png
ads.blogherads.com/static/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/SMC_comScore_175x32_2x_Lifestyle.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8465cbf5bc8b82a9666d40a357bab3a016290618bba93e588929d884b3ae832a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9244PNJSHCSJH5KP
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
AaursbAjAqXyDY/FrmNXZUYwjUD9GS+5O3DVMUAiYDiEEJHJcU4kPC04pEOcobPC3++B4LXdh3A=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1693794608.855097,VS0,VE0
etag
W/"79765df773014426e6c0eb540bc3f74b"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
5524
YAC_AdMarker_Icon_Only_19x15.png
ads.blogherads.com/static/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/YAC_AdMarker_Icon_Only_19x15.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BD2Y2CQ4MRWJN5B
age
1783
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
WULi789EsmgSI+DIYQf2jFmezbvJIcmQcqE2YQv9md9rTQiyPEsqH/3PgvkbyJMxEQwNmXWjo38=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1693794608.855065,VS0,VE0
etag
W/"06500e222cb4c36f129c357ffef7ad59"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
80
YAC_AdMarker_Icon_Text_77x15.png
ads.blogherads.com/static/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.blogherads.com/static/YAC_AdMarker_Icon_Text_77x15.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21bc65f86e0cd8dfbe47d505c85430a1356b7285e09f10a5fe1eff893dd27314

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0BD3C9WJDMNQ173Z
age
1784
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
Q6lNjr6DqtNOGkK0//ZdGO/gGFYxF9hIBlUHmOVjyQOL/PL6yAqeTKhJflekp4R1RzhOZA388W4=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
x-timer
S1693794608.855053,VS0,VE0
etag
W/"8827e02454b5cd2f3032bb6b5f6a61d8"
vary
accept-encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
49
3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
cdn.permutive.com/ 		1 MB
307 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-web.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e68f6bd9e6a22cef0e97aa7cf61dca6b9afa6572d91517fdf799e11d4f9073

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
br
cf-cache-status
HIT
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
0
x-guploader-uploadid
ADPycds2XczzS-ZY0FXqJ8kTRXvZd7yv5yD_ppUk5Rd7BE1VNsJxHrW_tDqlfv3GZ4y2U2Z0j2D54Wb7tKCccmhZv6-okjXgk0Jz
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
last-modified
Fri, 01 Sep 2023 17:40:32 GMT
server
cloudflare
etag
W/"9b1a3d1d833e3c88f6b7cf9be6917478"
vary
Accept-Encoding
x-goog-generation
1693590032423470
content-type
application/javascript
x-goog-hash
crc32c=Adn+8g==, md5=mxo9HYM+PIj2t8+b5pF0eA==
cache-control
public, max-age=900
x-goog-stored-content-length
336567
timing-allow-origin
*
cf-ray
8012cf0d48ff3a0b-YYZ
expires
Mon, 04 Sep 2023 02:45:08 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Sep 2023 00:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6553
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 04 Sep 2023 02:40:55 GMT
js
www.googletagmanager.com/gtag/ 		213 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bc72d7cd4216783222e6631bdd84bd3f72939f7777ca20d461c14c4ca9c034f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77511
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 04 Sep 2023 02:30:07 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-98.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 03:34:18 GMT
content-encoding
gzip
via
1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P6
age
82551
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
a9geEI0ccwz7non-IXaigklflJWP-lt5e9WFDH6R0VOLgwOwNoTdUw==
truncated
/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e91a270de5a3523dcad33dbafde167aed352447bf3e4308854feaf696f95b7f8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af057a99b1da3f69929dda882dc3eaa8565542904ba7fbca35373d3ce97cb410

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6ff48ac45651e8cb9222811c0872701141a78d636ac93092505dcf8d9401d5c7

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
918e97a6c17537a730fd325891dc6bd246febe5a65b988ed6fda657386fc3ea3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7fbde59772a429e282899baf18b36a95366913ee589af6cc86bea4512ae8bde4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9f2aa22ea6825332c5bc97fd008bbe797d9c538f277cdcb90a4244ea18dd14

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a279675589a8d7f06c9e70a5fd7e082a736aa7e8db90878f0a46ad99d18a0d91

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
truncated
/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ffa2e70c964ea101d4fb17cf4116064c9fd5f08575949a701cb6cb94eae28c12

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
binary/octet-stream
modules.12f766d4ceff5d28bd1f.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.12f766d4ceff5d28bd1f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-368258.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-90.jfk50.r.cloudfront.net
Software
/
Resource Hash
a1749f37e3d13616a0d9b346b2da534229874292fa2e480d7c52bb3082c8fe0d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 09:39:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 52143757d25f4b31ebf04bc09765f6c0.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
233462
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55615
last-modified
Fri, 01 Sep 2023 09:38:54 GMT
etag
"9c7c85ff616e3c227ecc94b2ccd24ad1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ydNo4qoLIHYoLV8ZWS2PISqEoffDPzBUUaSZE10xYXnqToTZ4zYAeQ==
session.html
events.release.narrativ.com/api/v0/ Frame 4E2B 		713 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/session.html
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
cb56dbf2b8e6a52a7103fe96d4f71956b889c3b91925d465f308a8f7686a65b5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
private, max-age=7776000, must-revalidate, proxy-revalidate
content-length
713
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:08 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
x-bam-env
release
x-robots-tag
none
resolve
people.api.boomtrain.com/identify/ Frame 5AC1 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
resolve
people.api.boomtrain.com/identify/ Frame 5AC1 		81 B
402 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.133.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-133-62.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Server
nginx
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Authorization,x-app-id
Content-Length
81
embed-event-handler-81497df3.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/embed-event-handler-81497df3.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e1fe57a927865a31d8c8259f8316f44fa3b19de805b0bc964e829d81eebd1dbc

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1216
last-modified
Thu, 31 Aug 2023 22:11:02 GMT
server
snooserv
etag
"fb1050155833946158dc1b2dab29aa07"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
shreddit-embed-title-f63fdaf7.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/shreddit-embed-title-f63fdaf7.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
c9f23a498698696aff8d0324625108ab28c9d5f5c885da7cdf3ceab6479181b8

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1375
last-modified
Thu, 31 Aug 2023 22:10:58 GMT
server
snooserv
etag
"04bf7e1bcdf0faa44bbfd2ad3664aef6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
faceplate-tooltip-f15905e3.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/faceplate-tooltip-f15905e3.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
02065a007ed6d7db45f50d1e01c93389f42b03a0827e9c1361e632203ae12578

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1979
last-modified
Thu, 31 Aug 2023 22:10:15 GMT
server
snooserv
etag
"4212b0f6e771ae46429b62df58b36a37"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
shreddit-spoiler-379be3cb.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		879 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/shreddit-spoiler-379be3cb.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
ed0575d51f4079c8109ab21a591bbbab7e2be1addf8300fd5e431633daaac71c

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
507
last-modified
Thu, 31 Aug 2023 22:08:33 GMT
server
snooserv
etag
"3be471fce419a84d316bac210f11fa13"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
makeEventDispatcher-d902b6e4.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/makeEventDispatcher-d902b6e4.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e73d0fefe39957f20b7f462197cc3a7143086b772e818c859a7dc1a1a689edff

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
2760
last-modified
Thu, 31 Aug 2023 22:09:45 GMT
server
snooserv
etag
"75eee0f54417df9fdd712f199227a3c1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
loader.min.js
comparisons.sovrn.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://comparisons.sovrn.com/js/loader.min.js
Requested by
Host: cdn.viglink.com
URL: https://cdn.viglink.com/api/vglnk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-81.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
16c3294babd3ff9ae1c59d74abe0f9fa4ce7a36d47518db6de77ba0a54abe4e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
7wR4ypHPjtZHrpwTaJ9PNdpCW48yfent
content-encoding
br
via
1.1 774fddee085016d16b500fd9201faeb2.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 11:48:37 GMT
last-modified
Fri, 25 Aug 2023 09:23:43 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
52892
x-amz-server-side-encryption
AES256
etag
W/"8616643eecdf258be7f633a0f8267fdd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
t64MW4NhePj_s4rymcjkK3Dcm54qzzX3O5kFfL4WyEpmCvt41ZEQwQ==
faceplate-alerts-09b3af62.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/shreddit/en-US/shell-ae7ab5d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e8e507745e3d49bca97990afd69da76db5633ec37acd598c5ca957b92b2f9a34

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
2054
last-modified
Thu, 31 Aug 2023 22:08:58 GMT
server
snooserv
etag
"b16d7c60a9b2d2d64213d30d57fb4cd0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
policy
w3-reporting.reddit.com/ Frame C598 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://w3-reporting.reddit.com/policy
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.reddit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
x-xss-protection
1; mode=block
server
Varnish
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
access-control-allow-origin
https://embed.reddit.com
x-reddit-w3reporting
{"report_to": "w3-reporting", "max_age": 14400, "success_fraction": 0.99, "failure_fraction": 0.99}
access-control-expose-headers
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
vary
Origin
accept-ranges
bytes
access-control-allow-headers
Content-Type,Origin,X-origination-host,X-origination-path
x-frame-options
SAMEORIGIN
retry-after
0
3PNTER2GUkZNdJ2ILMCAmLX
embed.reddit.com/svc/shreddit/ Frame C598 		2 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/3PNTER2GUkZNdJ2ILMCAmLX
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-FZEZi2XhxdKu4QH0cWJv8Q==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
x-sh-microapp-route
monolith
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-FZEZi2XhxdKu4QH0cWJv8Q==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-FZEZi2XhxdKu4QH0cWJv8Q==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
2
w3-report-from-v2-event-3d775c9e.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/w3-report-from-v2-event-3d775c9e.js
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/shreddit/en-US/shell-ae7ab5d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
73b44da9470d0bd09c8e4016ece582716e361bd6962943610db8a3436eb864f8

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1217
last-modified
Thu, 31 Aug 2023 22:08:46 GMT
server
snooserv
etag
"1931e7a039e5a6338e0cdf3da5e74515"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
perfMetrics
embed.reddit.com/svc/shreddit/ Frame C598 		7 B
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-f0SG/ppfn6/neTIIUIeefg==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-f0SG/ppfn6/neTIIUIeefg==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-f0SG/ppfn6/neTIIUIeefg==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
7
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ntv_mvi&us_privacy=1---
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.226.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-226-68.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
ccecd5d5b295cad26d151768b34974b82f611380abf1a55c7bf8879c33d2b946

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
937
expires
Mon, 1 Jan 1990 12:00:00 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ Frame 5AC1 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.131.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-131-120.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Sun, 03 Sep 2023 23:59:55 GMT
Via
1.1 d07915e7a5c22513f7a2f462a7421cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK50-P7
Age
9013
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
Accept-Ranges
bytes
X-Amz-Cf-Id
cMMYG6dsoyTHeDyZddE2azJdgDiijP4C99-Bue7_NFBVXnpfbZuzvg==
Expires
Mon, 04 Sep 2023 23:59:55 GMT
rules-p-d6OYghvsxJNAU.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d6OYghvsxJNAU.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:ac00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a8cce7bd28f740b0ec159c5c8f5ccfa25cec1350e0791ce5af5f364208952ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:17:54 GMT
via
1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
758
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:53:17 GMT
server
AmazonS3
etag
"9896c63d081f1a368fe67c5d43d246eb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
QyoiYJPz9_9RMcNX-i9uzs_NrUupxH4dvECnAJh6d2HXeQW-7DjicQ==
fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637828922049286464
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
q4B4xYJoZwx9ikt94o1nCA==
age
305994
cf-polished
origSize=6016
x-ms-meta-cbmodifiedtime
Wed, 10 Apr 2019 18:50:43 GMT
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 10 Apr 2019 19:06:17 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
x-ms-request-id
753cce63-701e-006b-6dc9-6b4566000000
cache-control
public, max-age=2678400
x-ms-version
2009-09-19
cf-ray
8012cf0c8afc4bcf-BUF
expires
Thu, 05 Oct 2023 02:30:08 GMT
z
lightboxapi.azurewebsites.net/z9gd/41449/www.shefinds.com/jsonp/ 		682 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lightboxapi.azurewebsites.net/z9gd/41449/www.shefinds.com/jsonp/z?cb=1693794608095&callback=jQuery17106977116656084099_1693794608071&_=1693794608096
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.40.202.0 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ef84100ac4f0ab1584b5d7a91fef88a8ae822e24ae633d48876b18bdb7315dbc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:07 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
t.gif
www.lightboxcdn.com/z9g/ 		35 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/t.gif?c=1693794608079&h=www.shefinds.com&e=p&u=41449
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d383 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 04 Sep 2023 02:30:08 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
168312
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Tue, 26 Feb 2019 00:59:40 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Tue, 26 Feb 2019 01:15:02 GMT
server
cloudflare
etag
0x8D69B87D5A1B25F
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
81f54651-e01e-0021-7ec7-277501000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
8012cf0caafd4bcf-BUF
p.js
cdn.parsely.com/keys/shefinds.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56792
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
aeTI26mCFG_zm0gxZa5zP6S3-SiRZVb9D_hToZDW6zCvMbiNHrCUJA==
expires
Mon, 04 Sep 2023 10:43:36 GMT
920.js
cdn.keywee.co/config/ 		205 B
538 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/config/920.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
343bb230819cb92e0ecacf1196f49eb120912089d2d1693ea62f1ced40b8f6ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 06:19:42 GMT
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified
Fri, 16 Aug 2019 05:50:34 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
72626
etag
"46e1317d68d5cb379c9bd1f3cf91c85a"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
content-length
205
x-amz-cf-id
6EZn5Gd2WoBlGhd2WYwxBs3TaKVOCu1PGJqoFVYSqKOsHHelLIF9vQ==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 14:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
41489
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 14:58:39 GMT
active_selectors
onsite.boomtrain.net/ Frame 5AC1 		0
723 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onsite.boomtrain.net/active_selectors?site_id=339c4cee6051c3aea99d9d91e3b71ab2&bt_onsite_test=false&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Requested by
Host: cdn.boomtrain.com
URL: https://cdn.boomtrain.com/analyticstrain/339c4cee6051c3aea99d9d91e3b71ab2/analyticstrain.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.15.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-21-15-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:08 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains, max-age=31536000;
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
d41a9813-09ed-45fd-aa44-c7be0c3dd9da
X-Runtime
0.035871
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Request-Methods
POST, GET, OPTIONS
Access-Control-Allow-Headers
origin, x-requested-with, content-type, accept, authorization, x-prototype-version
flipptag.js
cdn-gateflipp.flippback.com/tag/js/ 		91 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1188365
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-52.jfk50.r.cloudfront.net
Software
envoy /
Resource Hash
9bf7b1cc376ec1069df6a6dd8c98c8ed536bfaa25c081349024595e9f402a506

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
via
1.1 33aae203c47fd9e0f18a8f3f6d37fbfc.cloudfront.net (CloudFront)
server
envoy
x-amz-cf-pop
JFK50-P2
vary
Origin,Origin, Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-store
x-envoy-upstream-service-time
6
x-amz-cf-id
pGzTOjo_B9qANQzDCjmABGMec_82_RFCE4MbUj7j5EsFzuA7rbRdaA==
index.js
tags.remixd.com/player/v5/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/index.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/ads-injector.dbcf91f7702754857573.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-79.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:29:47 GMT
content-encoding
gzip
via
1.1 0406aa08030e059015fb279667e94e6e.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jun 2022 15:31:59 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
36
etag
"57b6f8ad4125903b7e06bb427c232d10"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=1800
accept-ranges
bytes
content-length
10041
x-amz-cf-id
SeO5bH2A5cLg7aXocm8UEzLQIe7PTJgwQI1nN5vd7Dqe9ROJYDM9xQ==
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224515,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
147
32.a6a01847c6b16a78e211.js
ads.blogherads.com/static/chunks/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/32.a6a01847c6b16a78e211.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3aa2c009711c2e611ac48a34fc42b5b5019d3237c2406edde73d219f19b9c445

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
92460MA3M1VKCFTM
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
+SeZAB/tfuhOgdqeYjGSU/7MZ0nk49OK85gnO+99lkLCPJhezNfbnZxir0g5CxkBaVMEFJmDdvU=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224542,VS0,VE0
etag
W/"13ed30ad504e2a7518684da4ce89215e"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
130
28.a1406fce8b53e68c2115.js
ads.blogherads.com/static/chunks/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/28.a1406fce8b53e68c2115.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ecb84239efee9e3a2b1aeb935c714f19074d8c5cc36eca3cff464bb9ffc7539

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9246WAFJ5W8Y8J41
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
kCc/ZmeEKtw5hSBTpL9M26WgS2UDI4t5NnXD2jwLQBTSWEluHhIG6mhUSxRb/GDiaSXOdBF6Phg=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224407,VS0,VE0
etag
W/"a043d1da70dbb046bbdd808e31aaa817"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
130
26.aa4425f9b6a5146744c9.js
ads.blogherads.com/static/chunks/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/26.aa4425f9b6a5146744c9.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07441c0650539d317a2b7f53c93d1ae9103478b35e9184f1a12a318d9f69361a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
924CXQH3TF4C7N4R
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
py5Js97FVefIpiwqQ8zoswxBS/Nexs0D67sPS0Clzdy0u7yLxJExkAZD0Zq+kdiXWsFQkKfq9JU=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224382,VS0,VE0
etag
W/"016e7d5a98ad1d8c082646c88c89f083"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
93
29.537c0e9d37d86dbae61a.js
ads.blogherads.com/static/chunks/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/29.537c0e9d37d86dbae61a.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e6626ea6ce5d5211599e4c7c98959a18c840cf95f78c5e42bfb1ec92c9dad6b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9243FFE979ZTJZAQ
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
c+CJSxDNNjAPGR994WXUt+SjIYup/Cm5ORIoK/cyxzfXiGX6wOzF2nXbwuET/M8d3PxxWV8skQA=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224329,VS0,VE0
etag
W/"29a8a4dc6599638ad0f358080fb4d8a3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
92
33.2fc7b18224b5a7dd8391.js
ads.blogherads.com/static/chunks/ 		604 B
796 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/33.2fc7b18224b5a7dd8391.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9cbe332b08eba53d8ebc2ba291bd763b74cd6eef267bfa81d74a1a6ce89afd71

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1H5314WK5D3R2S6
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ZcBW/pH0FsYBfBmlc1/WflNUBs+80QYRaX3Idkcy3NotfsHDJbhn7g5d+zYzluJCB5aiBahfiTo=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224303,VS0,VE0
etag
W/"734beb17b989273ae178a8090cf4fb2c"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
138
27.3ff2a2181f5cf2d300b5.js
ads.blogherads.com/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/27.3ff2a2181f5cf2d300b5.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
291093e0a6fb10eed36fa3d930b918718d48f48aa7d94127a0804bf3982069e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9247V58RVY6P52EW
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
Hsks6OKGcsICTqnvPVFBbZ+VzsKd9E8GV+dR9oco4PJ9ued5l5EmdAH9q0bG1Gh++Hzam7wTTd8=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224269,VS0,VE0
etag
W/"39b0db990c460eac26161d824108832b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
87
31.241f0944092217078fdf.js
ads.blogherads.com/static/chunks/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/31.241f0944092217078fdf.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1b0c18659c885963e4f6615a60e438ff27a296aa3134156ffe782d44d38d2253

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9246EX5HYMW7YA87
age
1785
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8WK2Qk4amLpBVGdleZaLJQ5y33+4HLxhLROTMl3T5FeK9fYLTWm8YHU7IK8Snr/zm8RqPbDL9Kg=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794608.224233,VS0,VE0
etag
W/"8dca322268d18b146ce42d9a0d83712a"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
93
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=359&sync=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
1781
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012cf0e69d44bbd-BUF
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
359
p.ad.gt/api/v1/p/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/359
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/359?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f4a9ba19fca7220cee54078ac4c35e1038940349a777e18e2c05472e7d1ac90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:25:52 GMT
server
cloudflare
age
256
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8012cf0e69d64bbd-BUF
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=2535980227366638075&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=2535980227366638075&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
an-x-request-uuid
29208e60-8664-4966-90fd-1178403a9fd2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=2535980227366638075&gdpr=0
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001693794608-24SKF765-H653&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001693794608-24SKF765-H653&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&id=AU1D-0100-001693794608-24SKF765-H653
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&id=AU1D-0100-001693794608-24SKF765-H653
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://ids.ad.gt/api/v1/t_match?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&id=AU1D-0100-001693794608-24SKF765-H653
date
Mon, 04 Sep 2023 02:30:08 GMT
server
Kestrel
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693794608-24SKF765-H653
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001693794608-24SKF765-H653
  • https://ids.ad.gt/api/v1/pbm_match?pbm=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&id=AU1D-0100-001693794608-24SKF765-H653
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&id=AU1D-0100-001693794608-24SKF765-H653
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&id=AU1D-0100-001693794608-24SKF765-H653
date
Mon, 04 Sep 2023 02:30:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
token
token.rubiconproject.com/ 		0
693 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001693794608-24SKF765-H653&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tapad_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001693794608-24SKF765-H653&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693794608...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001693794608-24SKF765-H653&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001693...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
  • https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693794608-24SKF765-H653&tapad_id=f3a6c746-4028-425d-8997-c0b7dc5b7eac
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693794608-24SKF765-H653&tapad_id=f3a6c746-4028-425d-8997-c0b7dc5b7eac
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

date
Mon, 04 Sep 2023 02:30:09 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693794608-24SKF765-H653&tapad_id=f3a6c746-4028-425d-8997-c0b7dc5b7eac
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001693794608-24SKF765-H653
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001693794608-24SKF765-H653&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693794608-24SKF765-H653&google_gid=CAESEF1gNzabfGFrQvDM79DwGW0&google_cver=1&google_ula=450542624,0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693794608-24SKF765-H653&google_gid=CAESEF1gNzabfGFrQvDM79DwGW0&google_cver=1&google_ula=450542624,0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693794608-24SKF765-H653&google_gid=CAESEF1gNzabfGFrQvDM79DwGW0&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g_hosted
ids.ad.gt/api/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001693794608-24SKF765-H653
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
ip_match
ids.ad.gt/api/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001693794608-24SKF765-H653
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26unruly_id%3D%5BRX_UUID%5D&cb=1693794608612
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3DAU1D-0100-001693794608-24SKF765-H653%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001693794608-24SKF765-H653&unruly_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001693794608-24SKF765-H653&unruly_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

Date
Mon, 04 Sep 2023 02:30:09 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001693794608-24SKF765-H653&unruly_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/cached/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 bce50d2cc476ede482a8048a0c124908.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:23:19 GMT
x-amz-cf-pop
JFK50-P3
age
61610
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
IxgH6DypQkwLV043JMyRnARI4aaFvNrRfbqvUK99E2LgYQXDaE3vOw==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PageView&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794608251&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:08 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CGRZHQ8KQD&gtm=45je38u0&_p=373171656&_gaz=1&cid=1789139906.1693794608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&sid=1693794608&sct=1&seg=0&dt=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&en=page_view&_fv=1&_ss=1&_ee=1&ep.adunitname_lvl1=8352%2C1017293&ep.adunitname_lvl2=a.shefinds&ep.adunitname_lvl3=articles&ep.adunitname_lvl4=_na_&ep.adunitname_lvl5=_na_&ep.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CGRZHQ8KQD&cid=1789139906.1693794608&gtm=45je38u0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGRZHQ8KQD&l=pmc_atlasmg_ga4_datalayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ Frame 5AC1 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693794608330&plid=93898832&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&sref=&sts=1693794608327&slts=0&title=Shoppers+Slam+Walmart+For+Packaging+Change%3A+%E2%80%98Heading+In+The+Wrong+Direction%E2%80%99+-+SHEfinds&date=Sun+Sep+03+2023+16%3A30%3A08+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=39694883&u=pid%3D04bce0ebe77cd9857061808a68b66e5f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:08 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:30:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
session.gif
events.release.narrativ.com/api/v0/ 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.release.narrativ.com/api/v0/session.gif?uid_bam=1818698112763718562
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
date
Mon, 04 Sep 2023 02:30:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty/1.21.4.1
x-robots-tag
none
x-bam-env
release
cm_:onejs_load_evt@v=1015,onejs_exec_time@v=4,aax_load_time@v=628,aax_load_time_one_tag@v=628,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1015,onejs_exec_time@v=4,aax_load_time@v=628,aax_load_time_one_tag@v=628,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=c3617840-2761-45ae-b3c5-179b9a39fe8c&session=6dd22369-e2c4-4925-b12b-13fe4a7759a7
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:08 GMT
x-amzn-RequestId
a33ee966-025b-466b-95f6-270ed806041b
Content-Type
text/plain
p.js
cdn.parsely.com/keys/shefinds.com/ Frame 5AC1 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/shefinds.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.101.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-101-60.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
public
date
Sun, 03 Sep 2023 10:43:40 GMT
content-encoding
gzip
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
last-modified
Thu, 02 Apr 2020 00:30:13 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
56792
etag
W/"5e853215-c07b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
M8sbbIDd0VupdBc_xM7vHxQuzHmKeMok_ecOCbaYvBtK2cGyvvXABQ==
expires
Mon, 04 Sep 2023 10:43:36 GMT
TinyGesture-fec3f2ea.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/TinyGesture-fec3f2ea.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cf3bfaf226426b3133d84ad79a74aad40d04da37a4c770a80cf200c7dc615334

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1558
last-modified
Tue, 04 Apr 2023 22:58:58 GMT
server
snooserv
etag
"14171e95fa9da45b0612b5770551b3e5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
alerts-controller-27c3e68b.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		0
0
icon-clear-fill-630bfab5.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		0
0
icon-close-outline-fc4e2b29.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		0
0
perfMetrics
embed.reddit.com/svc/shreddit/ Frame C598 		7 B
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-NLCGT3aYLoHGJtYCn8VF5w==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-NLCGT3aYLoHGJtYCn8VF5w==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-NLCGT3aYLoHGJtYCn8VF5w==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
7
xpromo-4d09ac73.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		0
0
contextualSignupPrompt-8292f7a7.js
www.redditstatic.com/shreddit/en-US/ Frame C598 		0
0
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1403999
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aEHzaUs9E9E9yuLjUoM_48o750Rcs0ia3IvTIk6ZYQ-KpaWFuLtCTg==
bl-c25b203-3a0438bc.js
tagan.adlightning.com/sheknows/ 		70 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/bl-c25b203-3a0438bc.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bcfbab9fd00258a8a7a78fb08e87e31df1108c7db3947dee810a8116d2559ce4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 17:43:37 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
fDygbOvffZhNFEakwARu.NBUEeg3nXOk
x-amz-cf-pop
EWR53-C3
age
204392
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29383
x-amz-meta-git_commit
c25b203
last-modified
Fri, 01 Sep 2023 17:31:30 GMT
server
AmazonS3
etag
"72accb99e27883f839a54d3c92c2899d"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8JW18DX-XGkmeN4U2x-aGcnH8WuAJdfBtUprXH2PLE6QuEJ69dpR0Q==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/webp
sp-2.9.1.js
cdn.keywee.co/dist/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by
Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:5800:e:ec66:e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:26:35 GMT
content-encoding
gzip
via
1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
last-modified
Sun, 14 Oct 2018 12:37:03 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
age
1465414
etag
W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=315360000
x-amz-cf-id
zeBP9xHy0tFDUC_JYuSmrEEBKUXLpF9lzKm3sTL3pHwb_flMgEKpzQ==
340247040194248
connect.facebook.net/signals/config/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/340247040194248?v=2.9.125&r=stable&domain=www.shefinds.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8ea1003e256bc3963a0bed50a6f83993ef867fde2294e1a8020e886327319a9f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 04 Sep 2023 02:30:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35907
x-xss-protection
0
pragma
public
x-fb-debug
lI6Pn+HCrdRazXTnZQrFxAFRaAmURbdqS/a0QHHk+8EBTtyYjqqEbEYxhF/KQ+9uqWcCyy9fsQGFolXsspIMGg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693794608572&plid=67283606&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&sref=&sts=1693794608327&slts=0&title=Shoppers+Slam+Walmart+For+Packaging+Change%3A+%E2%80%98Heading+In+The+Wrong+Direction%E2%80%99+-+SHEfinds&date=Sun+Sep+03+2023+16%3A30%3A08+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=62722399&u=pid%3D04bce0ebe77cd9857061808a68b66e5f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:08 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:30:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
perfMetrics
embed.reddit.com/svc/shreddit/ Frame C598 		7 B
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-s6lWaBlSZwHooujAAf8pBw==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-s6lWaBlSZwHooujAAf8pBw==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-s6lWaBlSZwHooujAAf8pBw==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
7
identity
api.rlcdn.com/api/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		108 B
670 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183734
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8f6e92dafe4dbb5369be43a42001e59672824423207422b224868ed88e114c34

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 04 Oct 2023 02:30:08 GMT
/
id.sv.rkdms.com/identity/ 		66 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SHEMEDIA&sv_domain=www.shefinds.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.31.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-31-29.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
84c933abb8852d904283e542cf329db976e20701a1443e615fdcea32ab44c48a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:08 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
66
vary
Origin
content-type
application/json
any
idx.liadm.com/idex/ie/ 		54 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.63.111 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-63-111.compute-1.amazonaws.com
Software
/
Resource Hash
7f6384ef592836395a0f2d66f918cad9252e888b92864b20f5999dfd235bee82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
5
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
trace-id
392402172a6d59d9
content-length
54
expires
Tue, 05 Sep 2023 02:30:08 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-aa04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:08 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:3c00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
Date
Sun, 03 Sep 2023 09:10:39 GMT
Via
1.1 c7f059cae2da7d584bee2041395eabe8.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
JFK50-P6
Age
62370
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
glg3T_EBsA7XecTIe_-6Q-F1Zbbzj1xz5XPhQ-O_5QdK_oyMfqy27g==
ads
securepubads.g.doubleclick.net/gampad/ 		84 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4012409536050128&correlator=2696495301214029&eid=31077576%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21824729475%2Cshefinds-shefinds-desktop-300x250%2Cshefinds-shefinds-desktop-728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=300x250%2C728x90%2C728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1693794608686&lmt=1693830476&adxs=650%2C436%2C436&adys=4635%2C4299%2C4899&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1%7C2%7C3&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&vis=1&psz=300x250%7C728x90%7C728x90&msz=300x-1%7C728x-1%7C728x-1&fws=4%2C4%2C4&ohw=960%2C960%2C960&ga_vid=1789139906.1693794608&ga_sid=1693794609&ga_hid=373171656&ga_fc=true&dlt=1693794606980&idt=1664&adks=3451304819%2C531428060%2C531428063&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01b3e01cbac1c075e37f3e4ae49ae6a5638cd726ea85713c1c231dbd2584cdd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
google-lineitem-id
6124744791,6126907430,6126907430
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406906113,138406906107,138406906110
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B018 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:08 GMT
expires
Tue, 03 Sep 2024 02:30:08 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
getad
aax-us-east.amazon-adsystem.com/x/ Frame 5AC1 		50 B
364 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aax-us-east.amazon-adsystem.com/x/getad?src=330&c=100&sz=1x1&apiVersion=2.0&pj=%7B%22overwrite%22%3A%22false%22%2C%22div_name%22%3A%22amzn-assoc-ad-fbf22f81-b8a4-4c31-8f5a-0666feac8e37%22%2C%22tracking_id%22%3A%22shefinds-20%22%2C%22ad_type%22%3A%22one_tag%22%2C%22marketplace%22%3A%22amazon%22%2C%22enable_geo_redirection%22%3A%22true%22%2C%22enable_auto_tagging%22%3A%22false%22%2C%22region%22%3A%22US%22%2C%22placement%22%3A%22adunit%22%2C%22viewerCountry%22%3A%22US%22%2C%22textlinks%22%3A%22%22%2C%22debug%22%3A%22false%22%2C%22acap_publisherId%22%3A%22shefinds-20%22%2C%22slotNum%22%3A0%7D&u=https%3A%2F%2Fwww.shefinds.com%2Fiframe-modal%2F&jscb=amzn_assoc_jsonp_callback_adunit_0
Requested by
Host: z-na.amazon-adsystem.com
URL: https://z-na.amazon-adsystem.com/widgets/onejs?MarketPlace=US&adInstanceId=fbf22f81-b8a4-4c31-8f5a-0666feac8e37
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:08 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8QFC209QGV2NXPJZ4D7F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
text/javascript;charset=UTF-8
Connection
keep-alive
Content-Length
50
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=0&a=373171656&t=pageview&_s=1&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&dp=%2Fcollections%2Fwalmart-packaging-change%2F&ul=en-us&de=UTF-8&dt=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAACAAI~&jid=1601623075&gjid=1265975907&cid=1789139906.1693794608&tid=UA-72491114-4&_gid=723450144.1693794609&_r=1&_slc=1&cd35=8352%2C1017293&cd36=a.shefinds&cd37=articles&cd38=_na_&cd39=_na_&cd103=65e90d9a-880c-4922-8429-737d1e8accef&z=137370624
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/?uid_bam=1818698112763718562
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
accept,content-type,x-bam-params,x-howl-pixel-version
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
accept, content-type, x-bam-params, x-howl-pixel-version
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.shefinds.com
allow
POST, OPTIONS
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:08 GMT
server
openresty/1.21.4.1
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin
x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
x-bam-env
release
x-robots-tag
none
/
events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/ 		2 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://events.release.narrativ.com/api/v0/publishers/1081/impressions/page_impression/?uid_bam=1818698112763718562
Requested by
Host: static.bam-x.com
URL: https://static.bam-x.com/tags/shefinds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.5.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-5-153.compute-1.amazonaws.com
Software
openresty/1.21.4.1 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept
{"uid_bam":"1818698112763718562","BAMX_Opt_Out":""}
Referer
https://www.shefinds.com/
X-Howl-Pixel-Version
shefinds
X-BAM-Params
{"uid_bam":"1818698112763718562","BAMX_Opt_Out":""}
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

x-bam-build-version
4cdbef3200b691159d37a8c127a9d49eb8708120
date
Mon, 04 Sep 2023 02:30:08 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
server
openresty/1.21.4.1
x-bam-env
release
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
x-robots-tag
none
content-length
2
Test_oPS_Script_Loads
sqs.us-east-1.amazonaws.com/397719490216/ 		378 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D21%26bt%3Dnull
Requested by
Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=21
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.239.232.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-239-232-201.compute-1.amazonaws.com
Software
/
Resource Hash
983231caca1b81a8fc08a98ddd8a0bebd38ef8e09ed6b7a4bd204fb60596ce10

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date
Mon, 04 Sep 2023 02:30:08 GMT
connection
keep-alive
x-amzn-RequestId
b40f5e26-9a94-57e4-9992-0349d9e4649d
Content-Length
378
Content-Type
text/xml
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693794608781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&c8=Sh...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693794608781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&c8=S...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693794608781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&c8=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&c9=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
18.164.116.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-98.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
via
1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-amz-cf-id
RXWjib6JNKWAZgQfK19tFg6hr_pbf9JnVVhRENHR6oU30afE-5HulQ==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 04 Sep 2023 02:30:08 GMT
via
1.1 c70c0d114d0fcf32b9941c29c00266de.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=15476338&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1693794608781&ns_c=UTF-8&c7=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&c8=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&c9=
content-length
0
x-amz-cf-id
2acBjvcNYrQvQ2twvKeMfora7asMRnOP6xMdRrI28T81y7_WYugrlw==
3PNTER2GUkZNdJ2ILMCAmLX
embed.reddit.com/svc/shreddit/ Frame C598 		0
0
perfMetrics
embed.reddit.com/svc/shreddit/ Frame C598 		0
0
/
embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/ Frame 9C18 		237 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
25357bdf1adac1b4a2e7a2652907ad2adaa4d778d268ea75de47c9990e5bae4d
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors *;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-SrxMaELw9cKkGnkdtS3qYw==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
private, s-maxage=1, max-age=1, must-revalidate
content-encoding
gzip
content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors *;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-SrxMaELw9cKkGnkdtS3qYw==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
content-security-policy-report-only
object-src 'none';script-src 'nonce-SrxMaELw9cKkGnkdtS3qYw==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors *;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:08 GMT
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
server
snooserv
vary
Accept-Encoding,accept-language
via
1.1 varnish
x-is-wrs
false
check
socialcanvas-api.kargo.com/v2/embed/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/embed/check
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.120.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-120-123.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:08 GMT
Server
nginx/1.22.1
Vary
Access-Control-Request-Headers
X-Powered-By
Express
request
socialcanvas-api.kargo.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.120.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-120-123.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:08 GMT
Server
nginx/1.22.1
Vary
Access-Control-Request-Headers
X-Powered-By
Express
check
socialcanvas-api.kargo.com/v2/embed/ 		37 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/embed/check
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.120.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-120-123.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
687123631d0c3e513b72f575a5169913feb29a321af6b72c624441a69315ad7d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 04 Sep 2023 02:30:09 GMT
Server
nginx/1.22.1
X-Powered-By
Express
ETag
W/"25-7w8VtVbOFg7kFg5uK0G0TjQVJpo"
Vary
Origin
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
37
request
socialcanvas-api.kargo.com/v2/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-api.kargo.com/v2/request
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.16.120.123 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-16-120-123.us-east-2.compute.amazonaws.com
Software
nginx/1.22.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json

Response headers

Date
Mon, 04 Sep 2023 02:30:09 GMT
Server
nginx/1.22.1
X-Powered-By
Express
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Vary
Origin
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With
Content-Length
0
scpb.js
socialcanvas-cdn.kargo.com/js/ 		271 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://socialcanvas-cdn.kargo.com/js/scpb.js
Requested by
Host: cdn.rhombusads.com
URL: https://cdn.rhombusads.com/js/rh.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26fa:4800:13:6a46:aa00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6cf3bf775d68a1ca2cf2017fab25029316f54d60457afad1afcc3f38bb98d41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:29:55 GMT
content-encoding
gzip
via
1.1 da8cb5b9fb94d7de03d8eaa20297debc.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 19:27:24 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
14415
x-amz-server-side-encryption
AES256
etag
W/"4102c8de7c45dc9353378b8f31a06708"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
trefFiNrDQKg27U27q5pwOsyiWhkEOwnnjK9oKplPD3SOgol_F34kQ==
pixel;r=1345291537;rf=0;a=p-d6OYghvsxJNAU;url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F;uht=2;fpan=1;fpa=P0-689168086-1693794608050;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1345291537;rf=0;a=p-d6OYghvsxJNAU;url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F;uht=2;fpan=1;fpa=P0-689168086-1693794608050;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;us_privacy=1---;ref=;d=shefinds.com;dst=0;et=1693794608834;tzo=600;ogl=title.Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%2Curl.https%3A%2F%2Fwww%252Eshefinds%252Ecom%2Fcollections%2Fwalmart-packaging-change%2F%2Cdescription.Read%20about%20why%20customers%20are%20mad%20at%20Walmart%20for%20making%20this%20change%20to%20their%20pack%2Ctype.article%2Csite_name.SheFinds%2Cimage.https%3A%2F%2Fwww%252Eshefinds%252Ecom%2Ffiles%2F2023%2F08%2FWalmart-storefront%252Ejpeg%2Clocale.en_US;ses=a3740558-35cc-4fa6-aecf-0a4bb3d6a96e;mdl=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1456:d0e1:7db4:a56b , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		97 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=359&sync=1&domain=www.shefinds.com&url=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a2add2e953096283bb535ecdfea21242f2b382e0d826b287fc27444a561267b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:08 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
8012cf120e344bcc-BUF
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=0&partner_id=359&sync=1&domain=www.shefinds.com&url=https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
8012cf11be2b4bcc-BUF
content-length
0
content-type
application/json
date
Mon, 04 Sep 2023 02:30:08 GMT
debug
OPTIONS block
expires
Tue, 03 Sep 2024 02:30:08 GMT
server
cloudflare
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=14294
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
8E9DDF2195E1A6A1
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=24980
accept-ranges
bytes
content-length
55696
x-amz-id-2
cW+Pa26aifCh5DmBh7isexYOIF2QjBKdsS3alHnNbb/aachHteew/Z3y/SsNfaFLq1tnEc2LY7U=
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=6856509&ntv_pl=1095776
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.226.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-226-68.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=06d1cbb4-3df7-4cd1-92bc-038a0e9451b4&ntv_fl=fEPjykmpY8C9TFTl-KfmS-suOsErFMx3OOULL9u3F36j7JQ6kxpfmZr7RvkARFyHAbX25VrdUJ4mxBSkMCBd_LTzx_a4nMVfUjxKayQPDVcX7Kh7BxvrVrdFEGzZaacOcgHVEkpFzhAxYemJiEbY_JmvMN3kiwmclkTp6SGogFx3lVbZF523XmxGRKNhXU14TUpHtLRMMACj7dEwTRRkD3SCfgy6ZVICnG65ryV_M0GsdD4kvJHVCjoKwvZ8Y5DIe8lrlcruar594wibWBWyLw==&ntv_ht=MEH1ZAA&ntv_at=303,302&ntv_a=AAAAAAAAAAYLgQA&ord=1693794608841&ntv_it
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.226.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-226-68.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
623 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=06d1cbb4-3df7-4cd1-92bc-038a0e9451b4&ntv_fl=fEPjykmpY8C9TFTl-KfmS-suOsErFMx3OOULL9u3F36j7JQ6kxpfmZr7RvkARFyHAbX25VrdUJ4mxBSkMCBd_LTzx_a4nMVfUjxKayQPDVcX7Kh7BxvrVrdFEGzZaacOcgHVEkpFzhAxYemJiEbY_JmvMN3kiwmclkTp6SGogFx3lVbZF523XmxGRKNhXU14TUpHtLRMMACj7dEwTRRkD3SCfgy6ZVICnG65ryV_M0GsdD4kvJHVCjoKwvZ8Y5DIe8lrlcruar594wibWBWyLw==&ntv_ht=MEH1ZAA&ntv_at=321,322,333&ntv_a=AAAAAAAAAAYLgQA&ntv_jlt=1275&ntv_jad=806&ntv_jte=16&ntv_it
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.226.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-226-68.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:08 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
368258
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/368258?s=0.25&r=0.020880981360481554
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-54.jfk50.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
Ud6RxnUOB4W3OL9zEpZtmILLftu-N3pTKVk2Ci4q22JnZemWFeYOAg==
sprite.svg
static-cdn.spot.im/production/icons/sprites/ 		24 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/sprites/sprite.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
pTYPLm0WXSUOn4wsgJLXLuv5LYGbB.2s
content-encoding
br
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 06:56:06 GMT
x-amz-cf-pop
JFK52-P1
age
70443
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 24 May 2023 11:40:02 GMT
server
AmazonS3
etag
W/"2a4e43326a158b47d0598571fd4099b6"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-cf-id
W6crMMseEMjkOA_niYoRM8LbgYtnNIdneTzhaOiFaj84Ar34MlKtvg==
device-load
api-2-0.spot.im/v1.0.0/ 		36 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/device-load
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b4ca6161c738358009076224e8d00fda43172316bf45d9d7a5de2e42bda895aa
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-length
36
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
SY0cxvFOUx6CBTL-BiDhvIzEeay5TByD52HYA5clMtmxpyBe0OtSZg==
shefinds.com
pubcast-files.remixd.com/player-configs/ 		8 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubcast-files.remixd.com/player-configs/shefinds.com
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ede78d2b801ebf9fd9dab7244f4fd29b854b901ef4798168170c4d1b3664bbac

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:11:36 GMT
age
1112
x-guploader-uploadid
ADPycdtfTz7LfudELZzUqrSwhDV0CRWT6fJusdlB1kC2GEC62OOdsyc1oxPEZUyX3GcMTQ3GGBA_Hj3bzRd6dERg1nzRPA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8373
last-modified
Tue, 11 Apr 2023 17:20:02 GMT
server
UploadServer
etag
"47a5ffa6ff4f0a33ebdfe851e3a01e2f"
x-goog-generation
1681233602413138
x-goog-hash
crc32c=01yPJA==, md5=R6X/pv9PCjPr3+hR46AeLw==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
x-goog-meta-cache-control
public, no-cache, must-revalidate
x-goog-stored-content-length
8373
accept-ranges
bytes
content-type
application/json
expires
Mon, 04 Sep 2023 03:11:36 GMT
pxid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/v2.0/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/v2.0/pxid?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.9.241.35.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d8da09dfc65b954c745b1a214f9665505f89a6340401b8aa5f3a4ed6a0a14b08

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66
getuidj
ib.adnxs.com/ 		29 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
323bd1ce0fde84a9e45c4e429f8da2c4b6022952e231dcfc53c960beace153a1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:09 GMT
an-x-request-uuid
3a30a9e3-23a8-43bb-90d6-6644aeca71cd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
29
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
srv-2023-09-04-02.pixel.parsely.com/plogger/ Frame 5AC1 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-2023-09-04-02.pixel.parsely.com/plogger/?rand=1693794609027&plid=93898832&idsite=shefinds.com&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&sref=&sts=1693794608327&slts=0&title=Shoppers+Slam+Walmart+For+Packaging+Change%3A+%E2%80%98Heading+In+The+Wrong+Direction%E2%80%99+-+SHEfinds&date=Sun+Sep+03+2023+16%3A30%3A09+GMT-1000+(Hawaii-Aleutian+Standard+Time)&action=pageview&pvid=28907679&u=pid%3D04bce0ebe77cd9857061808a68b66e5f
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.25.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-25-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:09 GMT
Cache-Control
no-cache
Last-Modified
Monday, 04-Sep-2023 02:30:09 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		2 B
149 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-72491114-4&cid=1789139906.1693794608&jid=1601623075&gjid=1265975907&_gid=723450144.1693794609&_u=aADAAEAAEAAAACAAI~&z=1320601525
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 04 Sep 2023 02:30:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
shell-ae7ab5d1.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		562 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/shell-ae7ab5d1.js
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
3c7b9c3a1cda5503ddae090590a36523802c86e8b957fe19cb5a8b8853efa04f

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
145994
last-modified
Thu, 31 Aug 2023 22:08:53 GMT
server
snooserv
etag
"ed5df9b8cc393ef15ed441190390164a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
embed-comment-client-js-7795574e.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		296 B
299 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
075fad8dc99e36afadd5165463e68ef1539acf1f4922ba1318e0018c9f0aa3f1

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
209
last-modified
Thu, 31 Aug 2023 22:08:47 GMT
server
snooserv
etag
"5f6f089159ec2136e61d0e8be216ae42"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
avatar_default_3.png
www.redditstatic.com/avatars/defaults/v2/ Frame 9C18 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.redditstatic.com/avatars/defaults/v2/avatar_default_3.png
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
86ab1b9968456d72e1b3a6bd54ab3d1d92a1cbab8082a17c82da95a81512236c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.reddit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 09 Sep 2021 14:41:22 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"9b921e072c38823f5c2df1b29eb34406"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/png
accept-ranges
bytes
content-length
7823
expires
Thu, 31 Dec 2037 23:59:59 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
2833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
630
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Sep 2023 02:42:56 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:25:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1129
x-xss-protection
0
last-modified
Tue, 27 Jun 2023 17:28:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 04 Sep 2023 03:25:03 GMT
collect
a.ad.gt/api/v1/ 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cf-ray
8012cf1578c84bc6-BUF
getpixels
pixels.ad.gt/api/v1/ 		0
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=dcb76cd3da6be3eb0f335e66037887a0&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf158de94bc1-BUF
content-type
text/html; charset=utf-8
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://idsync.rlcdn.com/712559.gif?partner_uid=360bc6e7-ada9-4f46-ae29-aed96e573ae7
  • https://idsync.rlcdn.com/1000.gif?memo=CO--KxIwCiwIARD5vAoaJDM2MGJjNmU3LWFkYTktNGY0Ni1hZTI5LWFlZDk2ZTU3M2FlNxAAGg0IsYLVpwYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&rand=02100776
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&rand=02100776&expected_cookie=93c08194-3d91-46a2-80fc-731e86df6a32
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&rand=02100776&expected_cookie=93c08194-3d91-46a2-80fc-731e86df6a32
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 48A7860403234B719281E25E73FE22A4 Ref B: NYCEDGE1307 Ref C: 2023-09-04T02:30:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEf0os+lnYQ/DmDudoVQ==

Redirect headers

date
Mon, 04 Sep 2023 02:30:11 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 572ED376B0AC4EDEA3DBA7AC8ACCB39E Ref B: NYCEDGE1307 Ref C: 2023-09-04T02:30:11Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
/db_sync?pid=10339&puuid=ab2970581c2a582b54ebadf42fc912d57b28cbb5ab0fad596f52aacf9c090398791426b5417dce21&rand=02100776&expected_cookie=93c08194-3d91-46a2-80fc-731e86df6a32
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEf0okfPdP1nyRl3TDVA==
17dc1da1-dcf6-4d1d-a689-86ba4fe2a910
https://www.shefinds.com/ 		673 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shefinds.com/17dc1da1-dcf6-4d1d-a689-86ba4fe2a910
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323e3ae0e8c8ea495ddda1de99eecfd486bf3ed5cf6daf912e2dbe3e64be6e57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
689324
Content-Type
96e661b1-b7c0-4d7c-a305-da6471c8a2cd
https://www.shefinds.com/ 		673 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.shefinds.com/96e661b1-b7c0-4d7c-a305-da6471c8a2cd
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323e3ae0e8c8ea495ddda1de99eecfd486bf3ed5cf6daf912e2dbe3e64be6e57

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
689324
Content-Type
.js
dyv1bugovvq1g.cloudfront.net/21/www.shefinds.com/collections/walmart-packaging-change/ 		816 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dyv1bugovvq1g.cloudfront.net/21/www.shefinds.com/collections/walmart-packaging-change/.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:c00:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33844370dbc61ca2d240cd88ca79325ad746b733cdb487bcd8bce7cf5f44d843

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:10 GMT
content-encoding
gzip
via
1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
x-amz-expiration
expiry-date="Fri, 13 Oct 2023 00:00:00 GMT", rule-id="cleanup"
last-modified
Sun, 13 Aug 2023 16:47:27 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-P1
etag
"fd624c27a26eca5c0f05ca5590ec9bcc"
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
content-length
263
x-amz-cf-id
leCr3wy-sZR9EJGyfTBQlBNznaTeSuCBPzHh0AebwFgWKG5AimNKqA==
pub
pixel.adsafeprotected.com/services/ 		1006 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=930203&slot=%7Bid:skm-ad-flexbanner,ss:%5B728.90,970.250,970.90%5D,p:/83521017293/a.shefinds/articles,t:display%7D&slot=%7Bid:skm-ad-frame2,ss:%5B728.90%5D,p:/83521017293/a.shefinds/articles,t:display%7D&slot=%7Bid:skm-ad-flexrec-1,ss:%5B300.250,300.600%5D,p:/83521017293/a.shefinds/articles,t:display%7D&slot=%7Bid:skm-ad-flexrec-rightrail,ss:%5B300.250,300.600%5D,p:/83521017293/a.shefinds/articles,t:display%7D&slot=%7Bid:skm-ad-medrec-03,ss:%5B300.250%5D,p:/83521017293/a.shefinds/articles,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=9d1ef90e-1a5e-a79f-29fd-ced1744f1362&url=https%253A%252F%252Fwww.shefinds.com%252Fcollections%252Fwalmart-packaging-change%252F
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d2ad46eedf72d517ee7ba543dcab72af774be9be7547db24dfc494b70740425b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
server
nginx
x-server-name
app18.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
ats.js
ats.rlcdn.com/ 		236 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
br
via
1.1 dee3e3075e44bf98642bfe89cb38088a.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 13:33:22 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
46608
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
XwoucEVrNmEaXkFz3Z49jAtP0NlFIc5xxuJKqIaM7CpPaOx9waAxCg==
service
async01.admantx.com/admantx/ 		7 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://async01.admantx.com/admantx/service?request=%7B%22key%22%3A%22dcde31e32d21f5432ab192ee50f9e0a8ef294bab4778ada95dfabeb949b2b9ce%22%2C%22filter%22%3A%5B%22default%22%5D%2C%22method%22%3A%22descriptor%22%2C%22mode%22%3A%22async%22%2C%22type%22%3A%22url%22%2C%22body%22%3A%22https%253A%252F%252Fwww.shefinds.com%252Fcollections%252Fwalmart-packaging-change%252F%22%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.128.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-128-118.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f91a1765ada3e1b0bd99d516b0d972e2170dcff318eda7b5efc224d034bdb415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:09 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
server
nginx
content-type
text/plain; charset=UTF-8
beacons
p.flipp.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p.flipp.com/beacons
Requested by
Host: cdn-gateflipp.flippback.com
URL: https://cdn-gateflipp.flippback.com/tag/js/flipptag.js?site_id=1188365
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-91.ewr50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
via
1.1 00fd85d5c5d5bd788f272591be9ecbca.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Origin
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
x-amz-cf-id
XPl_3NAF5G1VYeMLcECWIuubbZE_isYFjHKMy8LzYFujIUecD5GtMg==
headerstats
as-sec.casalemedia.com/ 		0
0
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 91F7 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4bZPGydm1DpGhvFOIZkUoLtWcIDloQGtIfQBoSIgl2ipsvMDloZHMQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91F7 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:09 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame C1EE 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
VNZKI-ytKqNG6n597ev3rKTxQBtJxY5DxicRDbaqPnQSbqLtgtL0Gg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C1EE 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:09 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 33C4 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404000
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qqELkirNX745yP0eifjPPffhF-lxmYkHmqgBTbrvFXaQSZn1fN9OSQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 33C4 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:09 GMT
geoip
api.permutive.com/v2.0/ 		282 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
198
watson
api.permutive.com/v2.0/ 		2 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/watson?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
halo_match
ids.ad.gt/api/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001693794608-24SKF765-H653&halo_id=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
i
pixel.keywee.co/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.keywee.co/i?stm=1693794609770&e=pv&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&page=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&tv=js-2.9.1&tna=cf&aid=920&p=web&tz=Pacific%2FHonolulu&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=b24ed275-8545-4121-a5b2-04691c5c5ebf&dtm=1693794609767&vp=1600x1200&ds=1600x14159&vid=1&sid=9f5b1e24-6847-4a86-8f02-6bddbd47e406&duid=62e3d955-cd58-416d-8e7c-01853b1d17ff&fp=306957071
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.211.247.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-247-225.compute-1.amazonaws.com
Software
nginx/1.21.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

status
200 OK
date
Mon, 04 Sep 2023 02:30:09 GMT
x-content-type-options
nosniff
content-type
image/gif
server
nginx/1.21.3
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=KWCEPV&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794609806&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PageView&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794609807&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=Microdata&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794609808&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds%22%2C%22meta%3Adescription%22%3A%22Read%20about%20why%20customers%20are%20mad%20at%20Walmart%20for%20making%20this%20change%20to%20their%20packaging%20on%20SheFinds.%22%2C%22meta%3Akeywords%22%3A%22climate-change%2Ceco-friendly%2Cenvironment%2Cgrocery-store-news%2Cnews%2Creddit%2Cshopping-news%2Cstore-news%2Cwalmart%2Cwalmart-news%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22og%3Adescription%22%3A%22Read%20about%20why%20customers%20are%20mad%20at%20Walmart%20for%20making%20this%20change%20to%20their%20packaging%20on%20SheFinds.%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22SheFinds%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Ffiles%2F2023%2F08%2FWalmart-storefront.jpeg%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22article%3Apublished_time%22%3A%222023-08-10T09%3A00%3A18-04%3A00%22%2C%22article%3Aauthor%22%3A%22faith%20geiger%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
syncframe
gum.criteo.com/ Frame DCEB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.shefinds.com&us_privacy=1---
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:09 GMT
server
Kestrel
server-processing-duration-in-ticks
312029
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sfp.js
native.sharethrough.com/assets/ 		601 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://native.sharethrough.com/assets/sfp.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-20.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e02345f43db58226d399780770404f420e0259b0fd8c8612cb6e845f18ac16ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:06:19 GMT
content-encoding
gzip
via
1.1 8fd19835f7197012a8cc880526cfcce2.cloudfront.net (CloudFront)
last-modified
Thu, 31 Aug 2023 18:27:03 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
1431
x-amz-server-side-encryption
AES256
etag
W/"cd5d28b3bba061cec7e99a5064d5d579"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
PyiXrcICTEE33jPdW5bN1vTepvXawsYJlsCR5KBKf5NkrQf8E43bnA==
expires
Thu, 31 Aug 2023 19:27:01 GMT
cm_:onejs_load_evt@v=1559,onejs_exec_time@v=1,aax_load_time@v=1115,aax_load_time_one_tag@v=1115,aax_punt@v=1,aax_punt_one_tag@v=1
fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/ Frame 5AC1 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fls-na.amazon-adsystem.com/1/action-impressions/1/OE/associates-adsystems/action/cm_:onejs_load_evt@v=1559,onejs_exec_time@v=1,aax_load_time@v=1115,aax_load_time_one_tag@v=1115,aax_punt@v=1,aax_punt_one_tag@v=1?marketplace=US&service=AmazonWidgets&method=Widgets_Render_Time&marketplaceId=ATVPDKIKX0DER&requestId=0e36cb0a-0d55-401b-9bc1-25d90b454e9c&session=4deb3129-2496-46c7-ac70-4d8f967da720
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/iframe-modal/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.94.225.95 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:09 GMT
x-amzn-RequestId
60336bef-e201-4995-9a77-a18c703a9ea3
Content-Type
text/plain
3d2fb0bd-52fc-4b75-aaf5-2d436c172540-models.bin
cdn.permutive.com/models/v2/ 		254 KB
177 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.permutive.com/models/v2/3d2fb0bd-52fc-4b75-aaf5-2d436c172540-models.bin
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d44a787447f80b8126054428bbbb849a8197c6b38815ceb5c6ff3c354434dd5

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
cf-cache-status
HIT
x-goog-meta-oid
3d2fb0bd-52fc-4b75-aaf5-2d436c172540
age
0
x-guploader-uploadid
ADPycduyaV442GO1XAOG9Pxo7pSrvm1BLHye8OmZixjJCenIJlwzIHLUsS0dpZZKizUGybQCyotcJQsNiizlFA9E19a_ig
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
180217
last-modified
Mon, 28 Aug 2023 06:01:42 GMT
server
cloudflare
etag
"1ccb1aaa48d86895d1fe3ba987247763"
vary
Accept-Encoding
x-goog-generation
1693202502286805
content-type
application/x-binary
access-control-allow-origin
*
x-goog-hash
crc32c=8qgsrw==, md5=HMsaqkjYaJXR/juphyR3Yw==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=900, no-transform
x-goog-stored-content-length
180217
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8012cf17ec8c36bd-YYZ
expires
Mon, 04 Sep 2023 02:21:38 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-72491114-4&cid=1789139906.1693794608&jid=1601623075&_u=aADAAEAAEAAAACAAI~&z=79932674
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
identify
api.permutive.com/v2.0/ 		50 B
88 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/identify?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
d82df0138b12f3954d4be0bd5af3e74a1123f056188c3db7249c3376f5503e40

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:09 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70
view
securepubads.g.doubleclick.net/pcs/ Frame 91F7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstVSEu0ouPCEI8lyuTJoZbO0uJOGuCQ90RQ7qtsafuH0c6Uhmh_lkCCYdeah2evgEW7ln1dQwz3lI0Y34KhYPjv4rGqEe5fg33sD4heObMxthIarEEfPPpFQY40MKjido4tk3PoHgtdM9XRdy-Mu5_ijJ9xAYtMxTXcEfLemgQvjhDnIfxa0AhnqY007QIhTK5ZvrEv5GIQ6r5gpUjTHmBTOzGUumFbAewpOId5blnp4NrPeQLWuOrWugYRK0yivsDu_X7QIkT7gogRiZgwyrkKYNj9j-VhGNPmvYgs41G3FBFeeewnXs6hLAB_O3J3EkgGi-N3CuenaZEVhKxno4Pw-7-LKwgedf6Mr3y0fqwN&sai=AMfl-YTTyK5chEdjqSnJ1VLWBLVtA9CNuWmdnwWWYGaB-qCQ3JsQFRbeMXj2QuLav4iKwvK9X-tl4NhmanyutzPF-21miEPEIqBLYP3T-UPKwYnm2O9zm_kTf6yyRJ1tFrU&sig=Cg0ArKJSzFsAahGVrBK4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 91F7 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=463&friendly=friendly_63882213&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=63882213&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame C1EE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTCXBSS_amuaBo1fWQFhfW8GUchARYwcopBGWT28bxZbBffz6zsWSzZ4rubpJx1guet-YpMkGTUe2Z13z5i0btlSdZp6grt0y2J8yk3Y2BkZ4069ukS1BxBjR-mLLmyoQC6AKog4us2DE65pXbPin0fChvzU9q4Ew0F3ijsHvU9oyBGrLa2lmjDjgDdJhfIDzuIiUsPN4x55Y4vTWH9Ch3sGSba4-WKAcyRCI09u6th0WPZeYcGiyDya7RSg2vv0s7H3NhBQB3fxV0rqNRj-mWG7XcibCIEHzAwq0hRXZPgu41YDyt3qIprZVStu8mzNuOCeNh502F4FxnjfJOrShhgt9C3c_5-5Nktg&sai=AMfl-YQrToJPIUkFt5ll8FO3ncBbVR3wY1bJRn0KpODTB3HuTpN0qW_eerjSV4HhQ7VHRz0Ml76pUi8V6UZsz19ajLuO0UYToZW7rDbZoxAn6X76RzAmGquyhnW3PJIdGoQ&sig=Cg0ArKJSzLUXenCk-MKNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame C1EE 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_72510872&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=72510872&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 33C4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRrKLK-2gJTHVsOCMLsogQqZ4PtqxESU9pQs2qB0eUNZyLBGUF-FKazbKjKUb1qAVKYG0WhDnhFHzSr6kkaSVGjeMeGfC9WMflfif-_r-76p4qZ1b_w3kZLCXifQaRiGHmMdqFjI1fPOQ7j2FWCcjTZiuQqef7u9H_CW8HJ6BSd2R_yZ6ioQwLYEbMjwAVbO1JXX9lr0R66p07DE0s7i1qlJU_v2A4ieyYxsRYRW1hJ06H19lcOsR7qbDr_votLCm4dc9wpM18GrHaPfvY7saKljH07XOpJHPC6b_ikRNDaqf4BHfa6AJdQ8EqZlXVTef3dYlhHunT5rUxKFpAvrS2GbrIpTOGsGL5ng&sai=AMfl-YQN2uh5kaTMmZK0Rn9vbcznJhMXmw39g0eRUMZcI53lsG159fUGVwm5Md-C00MKP4pmXU7ilIvKeNSJ6tlV3wUcpP2kpWwjUpWIYPL5fwrl04epl3Lo0gA40aVnMag&sig=Cg0ArKJSzDw25u-XmfbfEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 33C4 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_60653926&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=60653926&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
faceplate-alerts-09b3af62.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/shreddit/en-US/shell-ae7ab5d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e8e507745e3d49bca97990afd69da76db5633ec37acd598c5ca957b92b2f9a34

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
2054
last-modified
Thu, 31 Aug 2023 22:08:58 GMT
server
snooserv
etag
"b16d7c60a9b2d2d64213d30d57fb4cd0"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
policy
w3-reporting.reddit.com/ Frame 9C18 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://w3-reporting.reddit.com/policy
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://embed.reddit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubdomains
x-xss-protection
1; mode=block
server
Varnish
access-control-max-age
86400
access-control-allow-methods
POST, OPTIONS
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
access-control-allow-origin
https://embed.reddit.com
x-reddit-w3reporting
{"report_to": "w3-reporting", "max_age": 14400, "success_fraction": 0.99, "failure_fraction": 0.99}
access-control-expose-headers
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
vary
Origin
accept-ranges
bytes
access-control-allow-headers
Content-Type,Origin,X-origination-host,X-origination-path
x-frame-options
SAMEORIGIN
retry-after
0
TS1WuGzrX0tbWvAbDX8DAh
embed.reddit.com/svc/shreddit/ Frame 9C18 		2 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/TS1WuGzrX0tbWvAbDX8DAh
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-M/RcZkNM7s9h2Ampq1JJiA==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
x-sh-microapp-route
monolith
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-M/RcZkNM7s9h2Ampq1JJiA==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:11 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-M/RcZkNM7s9h2Ampq1JJiA==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
2
w3-report-from-v2-event-3d775c9e.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/w3-report-from-v2-event-3d775c9e.js
Requested by
Host: www.redditstatic.com
URL: https://www.redditstatic.com/shreddit/en-US/shell-ae7ab5d1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
73b44da9470d0bd09c8e4016ece582716e361bd6962943610db8a3436eb864f8

Request headers

Referer
https://embed.reddit.com/
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1217
last-modified
Thu, 31 Aug 2023 22:08:46 GMT
server
snooserv
etag
"1931e7a039e5a6338e0cdf3da5e74515"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
perfMetrics
embed.reddit.com/svc/shreddit/ Frame 9C18 		7 B
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-1o5c38x9apWzqK7Ix0zBiQ==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-1o5c38x9apWzqK7Ix0zBiQ==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:11 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-1o5c38x9apWzqK7Ix0zBiQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
7
standard-player.html
tags.remixd.com/player/v5/players/ 		129 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.remixd.com/player/v5/players/standard-player.html
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-79.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:29:30 GMT
content-encoding
gzip
via
1.1 9f08c6ca19a0337d28f09e25b9ff37c4.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
age
42
x-cache
Hit from cloudfront
content-length
29730
last-modified
Tue, 21 Jun 2022 15:31:59 GMT
server
AmazonS3
etag
"9a2e807a291cbaccaab15c40f0629813"
access-control-max-age
60
access-control-allow-methods
GET, HEAD
content-type
text/html
access-control-allow-origin
*
cache-control
public,max-age=1800
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
5A9XnC7roP_Kg-DF5vE1TRHJiSv6R_3B3_SZCF5cn6hhEjAdlJGy5g==
907296
api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/ 		141 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/907296
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
d45ac9d2f1fa43531b6acb15b0b6b572f8b5a1065428a7ffc1dab7465f449a12
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json
Referer
https://www.shefinds.com/
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
content-length
141
x-request-id
f8c82f2a-4aca-11ee-a356-e66dc7a69477
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
EjFJkvFkcXThMIb0Ebzig5FFVcskomaRlRXMDinrBMnhltDq_AfTwA==
907296
api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_BbylgSbK/907296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:11 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
-e8XmOFoNsscJ2QBRZir3i1HqbjUCxIQp73SMrdZx1LrIq9Nlg1wHQ==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
truncated
/ Frame 33C4 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b57c90a0d1aec3b3d1b8f8ccbd7b097b511e5fb90cf0146dc0a520853cf9ba03

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
ping
api.viglink.com/api/ 		311 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/ping
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.67.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-67-203.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
ce2045623d9da8bb8eca06dc5bf7b2c2a6365c02f21e36202db967a2ea5e5811

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.shefinds.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3161&u=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:09:58 GMT
via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
1212
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2336
x-amz-cf-id
EKdiodf4kALZleT561zyGwZ44M1FeibFIO__bmFYis5bRxlGFJtrXg==
bid
aax.amazon-adsystem.com/e/dtb/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3161&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=CEJ1m21l3mF8s&cb=0&ws=1600x1200&v=23.821.1806&t=950&slots=%5B%7B%22sd%22%3A%22skm-ad-flexbanner%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%2C%7B%22sd%22%3A%22skm-ad-frame2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%2C%7B%22sd%22%3A%22skm-ad-flexrec-1%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%2C%7B%22sd%22%3A%22skm-ad-flexrec-rightrail%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%2C%7B%22sd%22%3A%22skm-ad-medrec-03%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1f658783eb2418be92d28aad3d0b0d60804efcb178d55de33920b6121aa2b492
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
0BHZ7JD76GTR3D0K8RG2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
1057
x-amz-cf-id
_U_ZqyvuiI73IrN1ksBCYBBL56LU6Z0wWv3uItVVc99w1EJPF-v23A==
envelope
api.rlcdn.com/api/identity/ 		0
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13252
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=Microdata&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794611241&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds%22%2C%22meta%3Adescription%22%3A%22Read%20about%20why%20customers%20are%20mad%20at%20Walmart%20for%20making%20this%20change%20to%20their%20packaging%20on%20SheFinds.%22%2C%22meta%3Akeywords%22%3A%22climate-change%2Ceco-friendly%2Cenvironment%2Cgrocery-store-news%2Cnews%2Creddit%2Cshopping-news%2Cstore-news%2Cwalmart%2Cwalmart-news%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22og%3Adescription%22%3A%22Read%20about%20why%20customers%20are%20mad%20at%20Walmart%20for%20making%20this%20change%20to%20their%20packaging%20on%20SheFinds.%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Asite_name%22%3A%22SheFinds%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Ffiles%2F2023%2F08%2FWalmart-storefront.jpeg%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22article%3Apublished_time%22%3A%222023-08-10T09%3A00%3A18-04%3A00%22%2C%22article%3Aauthor%22%3A%22faith%20geiger%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=2&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
14294
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
272 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/14294?t=202383166
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
null
date
Mon, 04 Sep 2023 02:30:11 GMT
last-modified
Tue, 18 Nov 2014 20:18:12 GMT
server
AmazonS3
x-amz-request-id
AB0C1AC9F5601C48
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=2076
accept-ranges
bytes
content-length
0
x-amz-id-2
83hyi++pL6RUDiRk+9aYzXx2WClr0fbClZxFjiNENwIHPLeFnr9oqrd9RtBOH0IbcINwqhNHoPs=
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=NATIVOINVCONTENT1&hp=1&cm=33&pl=1&kq=1&dnt=0&bq=0&f=0&j=&o=3&t=1693794610384&de=463464521125&m=0&ar=6194820-clean&q=0&cb=0&cu=1693794610384&ll=2&ln=0&em=0&en=0&d=14294%3A-%3A-%3A-&qs=1&gu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&gw=nativonielsen548znrb18&fd=1&ac=1&it=500&fs=98815&na=519892065&cs=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 04 Sep 2023 02:30:11 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4012409536050128&correlator=1237372857555987&eid=31077576%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21824729475%2Cshefinds-shefinds-desktop-300x250%2Cshefinds-shefinds-desktop-728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=300x250%2C728x90%2C728x90&ifi=4&sfv=1-0-40&rcs=1%2C1%2C1&eri=1&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794611259&lmt=1693830476&adxs=650%2C436%2C436&adys=4716%2C4380%2C4980&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7%7C8%7C9&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&vis=1&psz=300x250%7C728x90%7C728x90&msz=300x-1%7C728x-1%7C728x-1&fws=4%2C4%2C4&ohw=960%2C960%2C960&ga_vid=1789139906.1693794608&ga_sid=1693794609&ga_hid=373171656&ga_fc=true&dlt=1693794606980&idt=1664&ppid=92e47ef3-e5e4-4a9c-b6d4-2eb85344024c&cust_params=permutive%3D%26puid%3Db10f1680-a6f7-4e6e-8f05-6311e1399ca3%26ptime%3D1693794609682%26amznbid%3D1%26amznp%3D1&adks=3451304819%2C531428060%2C531428063&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
964f6558ed8efe0721ade9d694ef582a68b7e6aeba4d098c75c8fd8f9659a1a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14601
x-xss-protection
0
google-lineitem-id
6124744791,6126907430,6126907430
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406906113,138406906107,138406906110
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
btn.js
d3r7h55ola878c.cloudfront.net/btn/1.0.2/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d3r7h55ola878c.cloudfront.net/btn/1.0.2/btn.js?_=1693794611280
Requested by
Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/b13bb4ea-e15d-4648-b2c9-380d00e78091/user.js?cb=638255840286354546
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.66.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-47.ewr53.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
/
geo.privacymanager.io/ 		30 B
611 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.61.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-61-61.ewr53.r.cloudfront.net
Software
/
Resource Hash
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:30:40 GMT
via
1.1 7a9f6a4fba100d04559a6d3a82b7dc56.cloudfront.net (CloudFront), 1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P4, EWR53-P1
age
64771
x-amzn-requestid
be1f43bf-a6ba-4055-aeaa-b44fc6372ea8
x-amzn-trace-id
Root=1-64f44430-3ad77825014b457c5f161462;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
Kq-XjE_aDoEFzwg=
content-length
30
x-amz-cf-id
BPFkbePOHNQyem_JmLhsnkY-A6K88Iv9eqIlNTuLIjz9-JUUd84V7Q==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
truncated
/ Frame 91F7 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a9095118485ec6a4b48ef54210ff6df0107938586037b4a94caf00e953068dc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C1EE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f97172c879399928ec0ddfbf44fc9c89a5bf54d0e3d428de302107390110a5f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame DCEB
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=shefinds.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=4-GJh3xFaSt0U25DMmRYMTl2Vit4OFRSUUUrbEZ6MHB3UXA5bTVFeG9NeUtHUEREeVFKeGxHUzVvOGZaeVJiOEU3NGpvME5qNmQ3cGFZVWdQWDU4UTExamdTUDhMNzFIL0JGWTd6UmZ6STVmbDhxNWFtUlpGYU1tZ0dISz...
441 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=4-GJh3xFaSt0U25DMmRYMTl2Vit4OFRSUUUrbEZ6MHB3UXA5bTVFeG9NeUtHUEREeVFKeGxHUzVvOGZaeVJiOEU3NGpvME5qNmQ3cGFZVWdQWDU4UTExamdTUDhMNzFIL0JGWTd6UmZ6STVmbDhxNWFtUlpGYU1tZ0dISzMraS9ZRlRORy94WXhOU2tmQmxBU0VLY3h0bWJUVW50TUpCUVlFbjhHVUs4YnlManIwcUxoYytrVWRnSlFRSjdTSlNOT3hOdG1iQm9JbmVybERYQ1hRUXpvQXc5RCtwWHdkdDVzQjh6ZjgvVHRxOTFYYnRDOGhxTjZZMlROeFlKSm94YmVETFltQ1h1RGY0aXk3Z2lzZzdjSkdlVWZOQT09fA&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a5d9e3a643c9f14582d15e8f1c53b75b734bca525a751aa416e6aa1fbecb67ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:11 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2141851
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:11 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=4-GJh3xFaSt0U25DMmRYMTl2Vit4OFRSUUUrbEZ6MHB3UXA5bTVFeG9NeUtHUEREeVFKeGxHUzVvOGZaeVJiOEU3NGpvME5qNmQ3cGFZVWdQWDU4UTExamdTUDhMNzFIL0JGWTd6UmZ6STVmbDhxNWFtUlpGYU1tZ0dISzMraS9ZRlRORy94WXhOU2tmQmxBU0VLY3h0bWJUVW50TUpCUVlFbjhHVUs4YnlManIwcUxoYytrVWRnSlFRSjdTSlNOT3hOdG1iQm9JbmVybERYQ1hRUXpvQXc5RCtwWHdkdDVzQjh6ZjgvVHRxOTFYYnRDOGhxTjZZMlROeFlKSm94YmVETFltQ1h1RGY0aXk3Z2lzZzdjSkdlVWZOQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
576783
content-length
0
expires
0
embed-event-handler-81497df3.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/embed-event-handler-81497df3.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e1fe57a927865a31d8c8259f8316f44fa3b19de805b0bc964e829d81eebd1dbc

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1216
last-modified
Thu, 31 Aug 2023 22:11:02 GMT
server
snooserv
etag
"fb1050155833946158dc1b2dab29aa07"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
shreddit-embed-title-f63fdaf7.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/shreddit-embed-title-f63fdaf7.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
c9f23a498698696aff8d0324625108ab28c9d5f5c885da7cdf3ceab6479181b8

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1375
last-modified
Thu, 31 Aug 2023 22:10:58 GMT
server
snooserv
etag
"04bf7e1bcdf0faa44bbfd2ad3664aef6"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
faceplate-tooltip-f15905e3.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/faceplate-tooltip-f15905e3.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
02065a007ed6d7db45f50d1e01c93389f42b03a0827e9c1361e632203ae12578

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1979
last-modified
Thu, 31 Aug 2023 22:10:15 GMT
server
snooserv
etag
"4212b0f6e771ae46429b62df58b36a37"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
shreddit-spoiler-379be3cb.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		879 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/shreddit-spoiler-379be3cb.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
ed0575d51f4079c8109ab21a591bbbab7e2be1addf8300fd5e431633daaac71c

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
507
last-modified
Thu, 31 Aug 2023 22:08:33 GMT
server
snooserv
etag
"3be471fce419a84d316bac210f11fa13"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
makeEventDispatcher-d902b6e4.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/makeEventDispatcher-d902b6e4.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e73d0fefe39957f20b7f462197cc3a7143086b772e818c859a7dc1a1a689edff

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/embed-comment-client-js-7795574e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
2760
last-modified
Thu, 31 Aug 2023 22:09:45 GMT
server
snooserv
etag
"75eee0f54417df9fdd712f199227a3c1"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 04 Sep 2023 02:45:11 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
53702
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
t2E45_iuoccaOcbluSQ05wGr0-Lj4PMNFZRqN__HNh3eHdkSjpKeXA==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=&_it=amazon&partner_id=458
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
1784
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012cf218b364bbd-BUF
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
NZGZF22DA6X55N2Z
age
2067
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012cf21fa9e4bc0-BUF
x-amz-id-2
9ODLf4FiT/PvJBsNSuNeBWOIUC7gfUfoqt13l19MRSVAGmrRdWiwS7SqLIJ07AWWdi+jk5XW3ea5Hw3dJfzUpA==
tag.min.js
get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/
Redirect Chain
  • https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
  • https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5240f81348f6e42a822cb94a7440d7dbd266ce56c6f6201c50357f43e9fa5a95

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
TbEa6KI1u6dfxXR9ioGAHdquwCbY0JAH
content-encoding
gzip
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 15:20:44 GMT
last-modified
Tue, 28 Feb 2023 11:20:38 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
40168
x-amz-server-side-encryption
AES256
etag
W/"1fdcbd9b025a8e748615aeda2355e253"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
48utaje719Q7-SSffXCHOhl3w_P_s5u0CzAYdXC_VtnRfhWh_h5njg==

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:11 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Location
https://get.s-onetag.com/87eee822-3536-4216-86df-3b822f799b42/tag.min.js
Cache-Control
no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://api.viglink.com/api/sync.gif?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
  • https://ce.lijit.com/merge?pid=8008&3pid=77fe38b6038d847d6ee7e82402330055
  • https://ce.lijit.com/merge?pid=8008&3pid=77fe38b6038d847d6ee7e82402330055&dnr=1
43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=8008&3pid=77fe38b6038d847d6ee7e82402330055&dnr=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:13 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:12 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=8008&3pid=77fe38b6038d847d6ee7e82402330055&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
css2
fonts.googleapis.com/ 		2 KB
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ff4fe886c21f09a3ba144b93e3eb818a5152eaac69c25fce50a31677078c533
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 02:03:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Sep 2023 02:30:11 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 91F7 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame C1EE 		0
0
audiences
api.permutive.com/audience-matching/v1/id/b10f1680-a6f7-4e6e-8f05-6311e1399ca3/ 		12 B
75 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/audience-matching/v1/id/b10f1680-a6f7-4e6e-8f05-6311e1399ca3/audiences?k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
/
Resource Hash
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:11 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12
content-type
application/json
TinyGesture-fec3f2ea.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/TinyGesture-fec3f2ea.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
cf3bfaf226426b3133d84ad79a74aad40d04da37a4c770a80cf200c7dc615334

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
1558
last-modified
Tue, 04 Apr 2023 22:58:58 GMT
server
snooserv
etag
"14171e95fa9da45b0612b5770551b3e5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
alerts-controller-27c3e68b.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		1 KB
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/alerts-controller-27c3e68b.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bb42ff5a78359c49c34bd30860aad34c6f3f70b8d7e32bd7d0fd0e37223c3229

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
528
last-modified
Thu, 31 Aug 2023 22:08:55 GMT
server
snooserv
etag
"c6691c3d9831d579a1f1fbc872a855fa"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
icon-clear-fill-630bfab5.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		387 B
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/icon-clear-fill-630bfab5.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
1d34355cb77a057ffcb32098256aef0ade7e1aa7812b9edeadac7dc7f2075e24

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
268
last-modified
Thu, 31 Aug 2023 22:09:50 GMT
server
snooserv
etag
"9c7db809e65f502b27aa7c18452333c8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
icon-close-outline-fc4e2b29.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		333 B
337 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/icon-close-outline-fc4e2b29.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
494dc022010a646dfeb0e632c754a055bed4f7ed72cdfdba195d2c2dbbcb2da2

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/faceplate-alerts-09b3af62.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
247
last-modified
Thu, 31 Aug 2023 22:10:42 GMT
server
snooserv
etag
"d8a5d21c04a778fd2141734b1279e212"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
view
securepubads.g.doubleclick.net/pcs/ Frame 33C4 		0
0
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=34&ud=false&qa=1600&qb=1200&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qi=1600&qj=1200&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qm=600&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!w%5ETm_hBE%22%3B8%2BYe6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23V%7Du%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&i=NATIVOINVCONTENT1&hp=1&cm=33&pl=1&kq=1&dnt=0&bq=0&f=0&j=&o=3&t=1693794610384&de=463464521125&m=0&ar=6194820-clean&q=1&cb=0&cu=1693794610384&ll=2&ln=0&em=0&en=0&d=14294%3A-%3A-%3A-&qs=1&gu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&gw=nativonielsen548znrb18&fd=1&ac=1&it=500&fs=98815&na=1125845702&cs=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:11 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 04 Sep 2023 02:30:11 GMT
domains
api.viglink.com/api/ 		41 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viglink.com/api/domains
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.67.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-67-203.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
d68d9fe5c2e13457907dc9b4962ddfbbfd68f5ada58a41a8f452e1a9f2333658

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:10 GMT
Server
Apache-Coyote/1.1
P3P
CP="ALL IND DSP COR CUR ADM TAIo PSDo OUR COM INT NAV PUR STA UNI"
Access-Control-Allow-Origin
https://www.shefinds.com
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
41
Expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 91F7 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C1EE 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 33C4 		0
0
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 6E30 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404002
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JBJncxGZE-bznxTq6tdmK_WdQIDSrxctVABIwPnFnTdQdxWkSN0Fcw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6E30 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:11 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 23BF 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404002
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
BAF5mb-nNBnDzS_cZOvVuy0ORuI3O9bSznkxFU2FDtOr7fNXcbRkQA==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23BF 		181 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:11 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame DFF5 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404002
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
T03ex4jq1Er2a-j1b9ToRs4EY6yiRGJkfGhC2EIP8DAgRNoYygxekw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DFF5 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:11 GMT
cookie_sync
prebid-server.rubiconproject.com/ 		2 KB
873 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f171a99c02f0132db8a7166defdd3db8fe19c024733b36b3a1ed57be78a5376b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
600
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		0
0
shemedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/shemedia
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
bid
krk.kargo.com/api/v2/ 		2 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22345ecc47-20e8-461b-9c5f-0b1a2c3b56b1%22%2C%22requestCount%22%3A0%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1693794611930%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22144ae70d636514e%22%3A%22_qFMT08JITI%22%2C%22153b8821e25b018%22%3A%22_v6VdRarHJG%22%2C%221623c754a550813%22%3A%22_ywYyfUetzl%22%2C%2217c08949b18c61b%22%3A%22_ywYyfUetzl%22%2C%221862ca950309f3%22%3A%22_cFuWeE9eDw%22%7D%2C%22bidSizes%22%3A%7B%22144ae70d636514e%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22153b8821e25b018%22%3A%5B%5B728%2C90%5D%5D%2C%221623c754a550813%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%2217c08949b18c61b%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%221862ca950309f3%22%3A%5B%5B300%2C250%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_qFMT08JITI%22%7D%2C%22auctionId%22%3A%22fe29e799-9b1c-497e-babd-79f63adb67b6%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-flexbanner%22%5D%2C%22st%22%3A%5B%22flxban%22%5D%2C%22inview%22%3A%5B%22true%22%5D%2C%22loc%22%3A%5B%221%22%5D%2C%22impuuid%22%3A%5B%2259abb4e8-d334-47af-953c-0d70351114cb%22%5D%2C%22inst%22%3A%5B%221%22%5D%2C%22stinst%22%3A%5B%221%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%22f7d00b9a-4aca-11ee-b76d-02210cbb4ca3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22articles%22%5D%2C%22vertical1%22%3A%5B%22articles%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexbanner%2Fskm-ad-flexbanner%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexbanner%2Fskm-ad-flexbanner%22%2C%22tid%22%3A%224a601877-2b72-4d81-93e5-dfb6b062a4d9%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-flexbanner%22%2C%22transactionId%22%3A%224a601877-2b72-4d81-93e5-dfb6b062a4d9%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22bidId%22%3A%22144ae70d636514e%22%2C%22bidderRequestId%22%3A%22138042c9008947f%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A1.1000022888183594%2C%22requestBids.userId%22%3A1%2C%22requestBids.rtd%22%3A367%2C%22requestBids.validate%22%3A1.5%2C%22requestBids.makeRequests%22%3A26.400001525878906%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_v6VdRarHJG%22%7D%2C%22auctionId%22%3A%22fe29e799-9b1c-497e-babd-79f63adb67b6%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-frame2%22%5D%2C%22st%22%3A%5B%22frame2%22%5D%2C%22inview%22%3A%5B%22true%22%5D%2C%22close_control%22%3A%5B%22enabled%22%5D%2C%22loc%22%3A%5B%22sticky%22%5D%2C%22impuuid%22%3A%5B%224a66fba7-4d47-4a2a-b079-e935bee7a118%22%5D%2C%22inst%22%3A%5B%22s1%22%5D%2C%22stinst%22%3A%5B%22s1%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%22f7d00b9b-4aca-11ee-b76d-02210cbb4ca3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22articles%22%5D%2C%22vertical1%22%3A%5B%22articles%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fframe2%2Fskm-ad-frame2%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fframe2%2Fskm-ad-frame2%22%2C%22tid%22%3A%224d7c71ea-ff1b-4566-9ef0-fd1db675084f%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B728%2C90%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-frame2%22%2C%22transactionId%22%3A%224d7c71ea-ff1b-4566-9ef0-fd1db675084f%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22bidId%22%3A%22153b8821e25b018%22%2C%22bidderRequestId%22%3A%22138042c9008947f%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A1.1000022888183594%2C%22requestBids.userId%22%3A1%2C%22requestBids.rtd%22%3A367%2C%22requestBids.validate%22%3A1.5%2C%22requestBids.makeRequests%22%3A26.400001525878906%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_ywYyfUetzl%22%7D%2C%22auctionId%22%3A%22fe29e799-9b1c-497e-babd-79f63adb67b6%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-flexrec-1%22%5D%2C%22st%22%3A%5B%22flxrec%22%5D%2C%22inview%22%3A%5B%22true%22%5D%2C%22loc%22%3A%5B%222%22%5D%2C%22impuuid%22%3A%5B%227b3c3691-7f7f-4169-98bb-788ab4f3fc83%22%5D%2C%22inst%22%3A%5B%222%22%5D%2C%22stinst%22%3A%5B%221%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%22f7d00b9c-4aca-11ee-b76d-02210cbb4ca3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22articles%22%5D%2C%22vertical1%22%3A%5B%22articles%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-1%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-1%22%2C%22tid%22%3A%22284d4bf8-afc9-4967-8be5-f73b62b304f5%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-flexrec-1%22%2C%22transactionId%22%3A%22284d4bf8-afc9-4967-8be5-f73b62b304f5%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%221623c754a550813%22%2C%22bidderRequestId%22%3A%22138042c9008947f%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A1.1000022888183594%2C%22requestBids.userId%22%3A1%2C%22requestBids.rtd%22%3A367%2C%22requestBids.validate%22%3A1.5%2C%22requestBids.makeRequests%22%3A26.400001525878906%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_ywYyfUetzl%22%7D%2C%22auctionId%22%3A%22fe29e799-9b1c-497e-babd-79f63adb67b6%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-flexrec-rightrail%22%5D%2C%22st%22%3A%5B%22flxrec%22%5D%2C%22inview%22%3A%5B%22false%22%5D%2C%22loc%22%3A%5B%223%22%5D%2C%22impuuid%22%3A%5B%2283b090e2-ad73-4aa7-bd72-58b27b1f8690%22%5D%2C%22inst%22%3A%5B%223%22%5D%2C%22stinst%22%3A%5B%222%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%22f7d00b9d-4aca-11ee-b76d-02210cbb4ca3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22articles%22%5D%2C%22vertical1%22%3A%5B%22articles%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-rightrail%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-rightrail%22%2C%22tid%22%3A%22f036e1f6-eba6-4532-8bc0-214516b2df59%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-flexrec-rightrail%22%2C%22transactionId%22%3A%22f036e1f6-eba6-4532-8bc0-214516b2df59%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%2217c08949b18c61b%22%2C%22bidderRequestId%22%3A%22138042c9008947f%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A1.1000022888183594%2C%22requestBids.userId%22%3A1%2C%22requestBids.rtd%22%3A367%2C%22requestBids.validate%22%3A1.5%2C%22requestBids.makeRequests%22%3A26.400001525878906%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%2C%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_cFuWeE9eDw%22%7D%2C%22auctionId%22%3A%22fe29e799-9b1c-497e-babd-79f63adb67b6%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-medrec-03%22%5D%2C%22st%22%3A%5B%22mrec%22%5D%2C%22inview%22%3A%5B%22false%22%5D%2C%22loc%22%3A%5B%225%22%5D%2C%22impuuid%22%3A%5B%222c677554-0255-497b-8258-f3e70a4b61ac%22%5D%2C%22inst%22%3A%5B%224%22%5D%2C%22stinst%22%3A%5B%221%22%5D%2C%22optimera%22%3A%5B%22NULL%22%5D%2C%22id%22%3A%5B%22f7d00b9e-4aca-11ee-b76d-02210cbb4ca3%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22articles%22%5D%2C%22vertical1%22%3A%5B%22articles%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fmedrec%2Fskm-ad-medrec-03%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fmedrec%2Fskm-ad-medrec-03%22%2C%22tid%22%3A%22cbc17cf2-46f1-4351-ab1e-a430ced27c8a%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-medrec-03%22%2C%22transactionId%22%3A%22cbc17cf2-46f1-4351-ab1e-a430ced27c8a%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22bidId%22%3A%221862ca950309f3%22%2C%22bidderRequestId%22%3A%22138042c9008947f%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A1.1000022888183594%2C%22requestBids.userId%22%3A1%2C%22requestBids.rtd%22%3A367%2C%22requestBids.validate%22%3A1.5%2C%22requestBids.makeRequests%22%3A26.400001525878906%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22batch%22%3A%5B%221%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22prebidVersion%22%3A%227.40.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.147.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-147-220.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:12 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
505
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=211441
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
684233ca05f06cda59125350de0fbbe97fbbb83b8b20e650dfc9001847717356

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVfzDjR7pywsRAc27BwsRLzYweYAb%2FzR4eroZ5X4A%2Bu5zn8eadvYOrYy39xMAIvPnOtrOQO3N%2FKcz8RLPICCr586abLMvzYA4HuyxAKRVqHE0fbxXBlGuf5LXjJVqsO7vta6%2F4RY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf26c8333a09-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611939&to=600&aun=skm-ad-flexbanner&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexbanner%2Fskm-ad-flexbanner&fp=0.05&fpc=USD&maxw=970&maxh=250&si=55609&pi=3&bf=728x90%2C970x250%2C970x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3379fa21363a510b92dd51bf7e78b274860e9b488531bd1f39f081ae47434d3

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611940&to=600&aun=skm-ad-flexbanner&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexbanner%2Fskm-ad-flexbanner&fp=0.05&fpc=USD&maxw=970&maxh=250&si=55610&pi=3&bf=728x90%2C970x250%2C970x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
553b8f11f08ede881e6826839b8e99857d0524fd911d1fb82890663ca34a32b6

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611940&to=600&aun=skm-ad-frame2&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fframe2%2Fskm-ad-frame2&fp=0.05&fpc=USD&t=rdkhbc4i&pi=2&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
48eb6f26503a859eca781be1dc432f87c7ad040d2d5eb45f1e62b3865506eb0f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611940&to=600&aun=skm-ad-flexrec-1&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-1&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55603&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7ceb51a366e31a656b8d60b37328a147eb414740bff06db6858805ff9eed5706

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611941&to=600&aun=skm-ad-flexrec-1&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-1&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55604&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9e87a823eb5e5b9b68b3389abaa2296f17b99bc1e4ce715a22fd4425bf127f85

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611941&to=600&aun=skm-ad-flexrec-rightrail&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-rightrail&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55603&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
6b521572a44abc920b5309e2516cd6033c9c551ee864bf3e22e835cce242b736

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611941&to=600&aun=skm-ad-flexrec-rightrail&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-rightrail&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55604&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3d8a017b708b0deed4f494d65928c2264b3b36d20bdcaf3aaaf3e044821acb12

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		958 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794611941&to=600&aun=skm-ad-medrec-03&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fmedrec%2Fskm-ad-medrec-03&fp=0.05&fpc=USD&maxw=300&maxh=250&si=55603&pi=3&bf=300x250&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
84beb508090f334c29462d9d14c1ba56dbf81413248d72c7641c2312dbb39694

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
bid
ap.lijit.com/rtb/ 		25 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
464f12bd76fffa0a0e156dbd499926d2883c44fff6f430dc8cd264ff133e0631

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:12 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
xhr
pre.ads.justpremium.com/v/2.0/t/ 		53 B
831 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/2.0/t/xhr?i=1693794611949
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.69.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-24.compute-1.amazonaws.com
Software
/
Resource Hash
7cde5122b3c8307bdb041016e68226472014181eeabc4346d859d8dd58388732

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:12 GMT
cache-control
public, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
content-type
application/json
hb
hb.undertone.com/ 		0
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=1322&domain=shefinds.com&ccpa=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-63.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
via
1.1 820b14719bf91dbc846cab9728bc3fe6.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.shefinds.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
265
x-amz-cf-id
pcHitI4OkL7tr7GUSlvSOEdMpAhZUVQ-Y24CVUYRZWnH-GPHg-8haA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cdb
bidder.criteo.com/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.40.0&cb=57426587654&lsavail=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
30b9a326e81453d37ff2248639b64e5531e7623224e8d4ea3476c57c55c347a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
c
prebid.a-mo.net/a/ 		999 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
937655246dd3b3d63a161d8160b690a8239b3932fabead1b0a3606993f487a4b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:11 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
53
content-length
488
prebid
ib.adnxs.com/ut/v3/ 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
an-x-request-uuid
ae825b31-3c33-4f9a-b427-88b6c476d859
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_728x90_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-flexbanner&st=flxban&inview=true&loc=1&impuuid=59abb4e8-d334-47af-953c-0d70351114cb&inst=1&stinst=1&optimera=NULL&id=f7d00b9a-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
8f532cd196db362696a6dfad2ff370756a8b45b096c35eb2e9c8261f76878bfd

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_970x250_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-flexbanner&st=flxban&inview=true&loc=1&impuuid=59abb4e8-d334-47af-953c-0d70351114cb&inst=1&stinst=1&optimera=NULL&id=f7d00b9a-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
52870d345b11fdb513945e16c0adca6e1a9f42883c07c4457c24a62a40540171

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_728x90_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-frame2&st=frame2&inview=true&close_control=enabled&loc=sticky&impuuid=4a66fba7-4d47-4a2a-b079-e935bee7a118&inst=s1&stinst=s1&optimera=NULL&id=f7d00b9b-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
ae919ee9c78833c90e8f241bcae81f6b50611cc0dd4953f67d3c44417a744b29

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x250_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-flexrec-1&st=flxrec&inview=true&loc=2&impuuid=7b3c3691-7f7f-4169-98bb-788ab4f3fc83&inst=2&stinst=1&optimera=NULL&id=f7d00b9c-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
42deb08bab85c97794179ea4f59d9c9e4fb0eb84d552c1e0a23a8d219f301bf2

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x600_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-flexrec-1&st=flxrec&inview=true&loc=2&impuuid=7b3c3691-7f7f-4169-98bb-788ab4f3fc83&inst=2&stinst=1&optimera=NULL&id=f7d00b9c-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
7723e81ff2b94575ad23a0be4400101878e64575b283044ba642b44fcc53cb63

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x250_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-flexrec-rightrail&st=flxrec&inview=false&loc=3&impuuid=83b090e2-ad73-4aa7-bd72-58b27b1f8690&inst=3&stinst=2&optimera=NULL&id=f7d00b9d-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
92b7ba6e8df74d4f0e91329b48a2e6076aeb996d4b853bb295c55bd38840d459

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x600_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-flexrec-rightrail&st=flxrec&inview=false&loc=3&impuuid=83b090e2-ad73-4aa7-bd72-58b27b1f8690&inst=3&stinst=2&optimera=NULL&id=f7d00b9d-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
c95b3a784ad35fd4c76d642e8f36e3439e7c48f3b00f7108349e16c8c952baeb

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x250_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&refresh=n&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&divid=skm-ad-medrec-03&st=mrec&inview=false&loc=5&impuuid=2c677554-0255-497b-8258-f3e70a4b61ac&inst=4&stinst=1&optimera=NULL&id=f7d00b9e-4aca-11ee-b76d-02210cbb4ca3&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
c75ff8780341ef97fdfa3ae880a49d8f8f99c7c6358ca8de16001b0980ab6e3f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
900 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&alt_size_ids=55%2C57&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexbanner%2Cskm-ad-flexbanner&tg_i.st=flxban%2Cflxban&tg_i.inview=true%2Ctrue&tg_i.loc=1%2C1&tg_i.impuuid=59abb4e8-d334-47af-953c-0d70351114cb%2C59abb4e8-d334-47af-953c-0d70351114cb&tg_i.inst=1%2C1&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=f7d00b9a-4aca-11ee-b76d-02210cbb4ca3%2Cf7d00b9a-4aca-11ee-b76d-02210cbb4ca3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexbanner%2Fskm-ad-flexbanner&tk_flint=pbjs_lite_v7.40.0&x_source.tid=4a601877-2b72-4d81-93e5-dfb6b062a4d9&l_pb_bid_id=918f55bed6c3d56&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexbanner%2Fskm-ad-flexbanner&slots=1&rand=0.29076064811059266
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b73779118c814aa81cb4b8d372989e0fd7860201220cfcb57b382cdada54796

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
865
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&p_pos=atf&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-frame2%2Cskm-ad-frame2&tg_i.st=frame2%2Cframe2&tg_i.inview=true%2Ctrue&tg_i.close_control=enabled%2Cenabled&tg_i.loc=sticky%2Csticky&tg_i.impuuid=4a66fba7-4d47-4a2a-b079-e935bee7a118%2C4a66fba7-4d47-4a2a-b079-e935bee7a118&tg_i.inst=s1%2Cs1&tg_i.stinst=s1%2Cs1&tg_i.optimera=NULL%2CNULL&tg_i.id=f7d00b9b-4aca-11ee-b76d-02210cbb4ca3%2Cf7d00b9b-4aca-11ee-b76d-02210cbb4ca3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fframe2%2Fskm-ad-frame2&tk_flint=pbjs_lite_v7.40.0&x_source.tid=4d7c71ea-ff1b-4566-9ef0-fd1db675084f&l_pb_bid_id=9207fa0080936dd&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fframe2%2Fskm-ad-frame2&slots=1&rand=0.16493391400794488
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41cf1325b79b2b6dc60fddd59b10ca2b86e47a20941bb2680371378f52fdc000

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
871
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexrec-1%2Cskm-ad-flexrec-1&tg_i.st=flxrec%2Cflxrec&tg_i.inview=true%2Ctrue&tg_i.loc=2%2C2&tg_i.impuuid=7b3c3691-7f7f-4169-98bb-788ab4f3fc83%2C7b3c3691-7f7f-4169-98bb-788ab4f3fc83&tg_i.inst=2%2C2&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=f7d00b9c-4aca-11ee-b76d-02210cbb4ca3%2Cf7d00b9c-4aca-11ee-b76d-02210cbb4ca3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-1&tk_flint=pbjs_lite_v7.40.0&x_source.tid=284d4bf8-afc9-4967-8be5-f73b62b304f5&l_pb_bid_id=93a6bfa65c20b8b&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-1&slots=1&rand=0.4192724279183855
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6b38251cdbb41902ae01428dc0693b4aaffa953caa9fab7ea917b57c6dcf84fc

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
863
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
906 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-flexrec-rightrail%2Cskm-ad-flexrec-rightrail&tg_i.st=flxrec%2Cflxrec&tg_i.inview=false%2Cfalse&tg_i.loc=3%2C3&tg_i.impuuid=83b090e2-ad73-4aa7-bd72-58b27b1f8690%2C83b090e2-ad73-4aa7-bd72-58b27b1f8690&tg_i.inst=3%2C3&tg_i.stinst=2%2C2&tg_i.optimera=NULL%2CNULL&tg_i.id=f7d00b9d-4aca-11ee-b76d-02210cbb4ca3%2Cf7d00b9d-4aca-11ee-b76d-02210cbb4ca3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-rightrail&tk_flint=pbjs_lite_v7.40.0&x_source.tid=f036e1f6-eba6-4532-8bc0-214516b2df59&l_pb_bid_id=9448c0fdd30a17&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-rightrail&slots=1&rand=0.49877217354471615
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
83dc7516ab475af2f60455688ab9bea9806ea1d2d9f3b496703966a1b47370f0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
871
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.refresh=n&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.batch=1&tg_i.divid=skm-ad-medrec-03%2Cskm-ad-medrec-03&tg_i.st=mrec%2Cmrec&tg_i.inview=false%2Cfalse&tg_i.loc=5%2C5&tg_i.impuuid=2c677554-0255-497b-8258-f3e70a4b61ac%2C2c677554-0255-497b-8258-f3e70a4b61ac&tg_i.inst=4%2C4&tg_i.stinst=1%2C1&tg_i.optimera=NULL%2CNULL&tg_i.id=f7d00b9e-4aca-11ee-b76d-02210cbb4ca3%2Cf7d00b9e-4aca-11ee-b76d-02210cbb4ca3&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fmedrec%2Fskm-ad-medrec-03&tk_flint=pbjs_lite_v7.40.0&x_source.tid=cbc17cf2-46f1-4351-ab1e-a430ced27c8a&l_pb_bid_id=95dfde8c6343418&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fmedrec%2Fskm-ad-medrec-03&slots=1&rand=0.8317119777527859
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0bab4f9df73177123384e953a27e8a9feea1550acb1a07d1b73086b09425eff4

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
856
expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.40.0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tmax=1000&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.81.115.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-115-164.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid
s.seedtag.com/c/hb/ 		87 B
896 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
15956c0a2d4731c70792f145ac91f4e53c8012f06f67ab0bfce1cc1cbd842f6f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
via
1.1 google
server
openresty
etag
W/"57-tKKIaF0kl0lrmhuF6yhIoncO5no"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:44:16 GMT
content-encoding
gzip
age
2756
x-guploader-uploadid
ADPycdv_3roMmV15odeefCyBJTNZU6dsIBdv1PLUBgsHak576UpbaNqEkdDvBD8XQtuCJ10VGhujOX4i8d1dDGJKHG0d0oHR2dQW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
xpromo-4d09ac73.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/xpromo-4d09ac73.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e0a1247c732b236872195e1cedb855b2f3504aa6f212020128eaa6c6bdb529b5

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/w3-report-from-v2-event-3d775c9e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
727
last-modified
Thu, 31 Aug 2023 22:10:46 GMT
server
snooserv
etag
"c53d9b4519353265f3dcbd3b74dc477d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
contextualSignupPrompt-8292f7a7.js
www.redditstatic.com/shreddit/en-US/ Frame 9C18 		314 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/shreddit/en-US/contextualSignupPrompt-8292f7a7.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
c98352dbbfb6f41a5900d81b9266f969d4fb7db95d333df84860b0267677382f

Request headers

Referer
https://www.redditstatic.com/shreddit/en-US/w3-report-from-v2-event-3d775c9e.js
Origin
https://embed.reddit.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
x-amz-server-side-encryption
AES256
content-length
259
last-modified
Wed, 24 May 2023 14:50:44 GMT
server
snooserv
etag
"d61a3dab810106741158816d338ed60e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-origin
https://embed.reddit.com
cache-control
max-age=604800
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
accept-ranges
bytes
FUtg69tL.js
cdn.jwplayer.com/libraries/ Frame 8777 		107 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/FUtg69tL.js
Requested by
Host: tags.remixd.com
URL: https://tags.remixd.com/player/v5/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2209:dc00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
240531c37653cafc7f1e75b78474a24cc136fa122403ce8e473d6493cf93a9b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:29:13 GMT
content-encoding
gzip
via
1.1 2ba01a121d51ee735a8dde7a86ed73b6.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
EWR53-P1
age
59
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
41086
x-amz-cf-id
4rvvSK5TpaaHpQBZxQoRTm415kMrVAhhvUeeDde47d6IrCKSaj57Pg==
perfMetrics
embed.reddit.com/svc/shreddit/ Frame 9C18 		7 B
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-fhGkiJZ6LBrdPOhBdE376g==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-fhGkiJZ6LBrdPOhBdE376g==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:12 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-fhGkiJZ6LBrdPOhBdE376g==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
7
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.shefinds.com%2F%2Fcollections%2Fwalmart-packaging-change%2F-&i=NATIVOINVCONTENT1&ud=false&qm=600&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!w%5ETm_hBE%22%3B8%2BYe6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23V%7Du%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=0&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=14259&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&cm=33&f=0&j=&o=3&t=1693794610384&de=463464521125&cu=1693794610384&m=866&ar=6194820-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&pg=0&pf=0&cc=0&bw=0&bx=0&em=0&en=0&bu=1&cd=0&ah=1&am=0&re=0&wb=1&cl=0&at=0&d=14294%3A-%3A-%3A-&gw=nativonielsen548znrb18&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98815&na=1758676028&cs=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 04 Sep 2023 02:30:12 GMT
iu3
s.amazon-adsystem.com/ Frame 700F 		426 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
617b56ef335b0df162839e835c45e260ee2b129984b49f4198e3826d59ff0075
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
426
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:12 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
Z7XM1NC9W6NGN6BEPEH4
view
securepubads.g.doubleclick.net/pcs/ Frame 6E30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssoUw9CLUKOgIIxo2BhoZ40P-NkPqpdD5UloJo6gBrCreWc9V-N3Gpd8jzoJGj3f0cUNCJKGTwxuFZ4HyCxppvsW3x6u_FZKDmWAl6OXFyLqhFEztGNH4pOdB1zPEfSz3ebWmDZhgF4wuCXEtAeWrOcNug97VQrlJrLsvVxVEyVLrqD_ZZpXpzl5WVScgzRfhwtvNEM7I-Gbqq8pgYe5OTOrkYIGe_6lsbgbD5biMMFCKSCUeKJiwJECsU7RqZv7xfz4-jCCrAPquGKWAsTTD9Gz3WV6gHuji2fzbDwFyj_XLpheRe-8ZORpEk0rOEfJ9Ikpe0zDmxekGpMGBjYbIcnKCdTjWAM1O1SKxbmDxQB&sai=AMfl-YSQgWtyo5tHVrikNYLqxNH4Wbvz6htAO_tnuodkZEK_gmBJ6o9dFfcbWXIWP5wPGjVBnBX2_YhfLEn3CyHluLW1RpBs999IcFg2_5rgeipa_J318yLalJjcv0y7dNI&sig=Cg0ArKJSzJIdoPwfbIHDEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 6E30 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=463&friendly=friendly_63882213&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=63882213&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 23BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvf4utrpQyR8DelCIC9O0vc3ouR21xw5O7s_zZy5VlFKMuAQOX5h5idevLJpBb23tgLJ8ceug6EhtLMbkGlcOVig0eK5BXbJYgMxeOtmZvTzSme6wBTvJ80QS-3B76j7EA4me-wHkXmkIVSSrGpozISkBkUF280ZuUj68TXT1ncFDFTwlKF1feul8cvc0NJ69UZhyY6U-mbyaObNeiSGuXMYsfrx7pizAqYcxTpvCOJ-dfDTfsr4nN4WLrOkFUq6irIYoZ7FZCoRYKHrEz-4hKDlC3uTiT9z7S53LnbdrM_UWujEehDHQRIoSCiu2SOyndcky6QlLR9yrRIgKvgJA67fln3R0hW-EDbmQ&sai=AMfl-YRnK5j4ZhEGWN0nphbBMnWPrIJmkBwYJqqSZvSog5rRu_dGBDMjL3Xxipj8ATO9kJHVqxtWp-7pXWnfbPsVfvSr5EQdoD-nYWX1RIKNME9EmBFrMEKf1rt5bPnRDM4&sig=Cg0ArKJSzPwmRl_rZqprEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 23BF 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_72510872&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=72510872&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
420 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=0&d=eyJzaXRlSWQiOiJzaGVrbm93cyIsInVybCI6Imh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2UvIiwiYWRVbml0IjoiLzIxODI0NzI5NDc1L3NoZWZpbmRzLXNoZWZpbmRzLWRlc2t0b3AtNzI4eDkwXzEiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoiNDk5OTI5NDc4MyIsImNhbXBhaWduSWQiOiIzMDg4NTE2MjkyIiwiY3JlYXRpdmVJZCI6IjEzODQwNjkwNjExMCIsImxpbmVpdGVtSWQiOiI2MTI2OTA3NDMwIiwiYWRTZXJ2ZXIiOiJkZnAifSwid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MCwid3YiOiIxLjAuMCtlMDlmMTBmIiwiYnYiOiJibC1jMjViMjAzLTNhMDQzOGJjO2ItZTA5ZjEwZi02MzU3MWE4NiIsIm1ldGEiOnsiYmxhY2tsaXN0U3RhdHVzIjp7ImxvYWRlZCI6dHJ1ZSwiY291bnQiOjE1MDQsImZpcnN0SXRlbSI6eyJ0IjoibXV6bmFiY2xpY2tzLmNvbSIsImEiOjEwfX0sImJsb2NrZWRJbmZvIjp7InJlZnJlc2hlZENvdW50IjowLCJibG9ja2VkQ291bnQiOjB9LCJwbFJhdGlvIjowLjAyfSwidGFnTWFya3VwIjoiPGh0bWw%2BPGhlYWQ%2BPHNjcmlwdCBzcmM9XCJodHRwczovL3RhZ2FuLmFkbGlnaHRuaW5nLmNvbS9zaGVrbm93cy9iLWUwOWYxMGYtNjM1NzFhODYuanNcIiB0eXBlPVwidGV4dC9qYXZhc2NyaXB0XCI%2BPC9zY3JpcHQ%2BPHNjcmlwdD53aW5kb3dbXCIyMTg0NTgzMV9zaGVrbm93c1wiXSA9IHdpbmRvd1tcIjIxODQ1ODMxX3NoZWtub3dzXCJdIHx8IHt9O3dpbmRvd1tcIjIxODQ1ODMxX3NoZWtub3dzXCJdLnRhZ0RldGFpbHMgPSB3aW5kb3dbXCIyMTg0NTgzMV9zaGVrbm93c1wiXS50YWdEZXRhaWxzIHx8IHtcInNpdGVJZFwiOlwic2hla25vd3NcIixcInd2XCI6XCIxLjAuMCtlMDlmMTBmXCIsXCJibHZcIjpcImJsLWMyNWIyMDMtM2EwNDM4YmNcIixcImJ2XCI6XCJiLWUwOWYxMGYtNjM1NzFhODZcIixcInRvcERvbWFpblwiOlwiaHR0cHM6Ly93d3cuc2hlZmluZHMuY29tL2NvbGxlY3Rpb25zL3dhbG1hcnQtcGFja2FnaW5nLWNoYW5nZS9cIixcImN1cnJlbnRUYWdJZFwiOlwiYWRsdGFnX2xtNDlrdXdyX2RkNEY1YzNGbXhlXCIsXCJhdVwiOlwiLzIxODI0NzI5NDc1L3NoZWZpbmRzLXNoZWZpbmRzLWRlc2t0b3AtNzI4eDkwXzFcIixcInNsb3RFbGVtZW50SWRcIjpcImdvb2dsZS10YWctNzI4eDkwLTFcIixcInJlZnJlc2hlc1JlbWFpbmluZ1wiOjIsXCJibG9ja2VkQ291bnRcIjowLFwiYWRTZXJ2ZXJEZXRhaWxzXCI6e1wiYWR2ZXJ0aXNlcklkXCI6XCI0OTk5Mjk0NzgzXCIsXCJjYW1wYWlnbklkXCI6XCIzMDg4NTE2MjkyXCIsXCJjcmVhdGl2ZUlkXCI6XCIxMzg0MDY5MDYxMTBcIixcImxpbmVpdGVtSWRcIjpcIjYxMjY5MDc0MzBcIixcImFkU2VydmVyXCI6XCJkZnBcIn0sXCJ3XCI6NzI4LFwiaFwiOjkwLFwiSUFCQ29uc2VudFN0cmluZ1wiOntcInVzcGFwaVwiOlt7XCJ2ZXJzaW9uXCI6MSxcInVzcFN0cmluZ1wiOlwiMS0tLVwifV19fTt3aW5kb3cuYmxvY2tlciAmJiBibG9ja2VyKFwiMjE4NDU4MzFfc2hla25vd3NcIiwgXCI8IS0tQURMX1dSQVBQRUQtLT5cIiwgZmFsc2UsIHdpbmRvdywge1wicmVmcmVzaE1lc3NhZ2VcIjpcInRydWVcIn0pOzwvc2NyaXB0PjwvaGVhZD48L2h0bWw%2BPCEtLSBJRlJBTUUgSU5ORVIgQ09OVEVOVCAtLT4ifQ%3D%3D&i=1-1&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=563f385b237090bbe2040c948316ed2&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
OCdRmVHUQxi_G9nTMgiP-V6pYsHLkjc3ATvAmhujGjg-jWMKZPFnwQ==
view
securepubads.g.doubleclick.net/pcs/ Frame DFF5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssW5Z4mED5WkN0t5kwf7P48VBx7omWm9i1rkjvfLK-UNTvfVDWxdLx2iG0YkvxkS_hPy-RQcte4xLrgzgiy541N9vgiTRz3fAQuK3EM7IAgo3qi0XEBpdB42h1idtPAbkvHTz4SBW9z0NdOfMqdtKr1F9ci76U27ak4of2LtkYvS6GRmrptQ8OdTFlzvCaNI1_bvfUqywEBrRZjLC5YdEMQfkIU9rWAKBAJiOMFOsFllDhKOmSPR19Ww3l2wdYUKtfv4SZTGcX9Mq6CeLYONr8Dzk8iwNtki4fH_pySVPJLjmPhWGULra86fe7ppnJcQkV93bALwr8RDoSOl-_-mUjkiLwbilHIFvv18w&sai=AMfl-YQ792p9jWf9s7IX9N4uyk1UH_4hlI1ZWbEV-0TF0yGg_PyKYoS8UeRInV9a2OR-nc7NWkqT2Q4R24WJbBJZFJLHuVRdldjoPsyADVqFDuUtO4i84dgH-tgmAjQsrGY&sig=Cg0ArKJSzLRLRpOrbN9MEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame DFF5 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_60653926&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=60653926&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ads.js
static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ 		210 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e49e22ae110b355f66660a18e01d55499745467f9bc10241ca0c15dee91a7bdd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
K8Ua_xo0N19HcSSuK968gCsF1caCv_v9
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 07:39:54 GMT
last-modified
Fri, 25 Aug 2023 08:28:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
67820
x-amz-server-side-encryption
AES256
etag
W/"ecb7db6e7225b69f4297927a595df5bd"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
wGOMAqP5cdQUEUKKM0lwuLXVrDKI6hhOuGz9EefI7y1678LndW5Ixg==
ads.css
static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ 		7 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94be8fe6d8e61460a6f3ef1f0d3db8853864b5c9a3c22fecb2b32472c1325fd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
tGjio8bXwcB5IW32rYNy29iYykAc0e1r
content-encoding
br
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 08:02:01 GMT
x-amz-cf-pop
JFK52-P1
age
66492
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 25 Aug 2023 08:28:48 GMT
server
AmazonS3
etag
W/"f571d34e45f8fa112229e497c8686168"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
hd7LB848DIwgD6ya9MAq8CyRySLHuxzWFvur4rW24zsn__WjLuCzmg==
perfMetrics
embed.reddit.com/svc/shreddit/ Frame 9C18 		7 B
3 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-c3oQUrtEnek5MIYX7uzUGQ==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-c3oQUrtEnek5MIYX7uzUGQ==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:13 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-c3oQUrtEnek5MIYX7uzUGQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
7
ads
securepubads.g.doubleclick.net/gampad/ 		149 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4012409536050128&correlator=1739127420012214&eid=31077576%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8352%3A1017293%2Ca.shefinds%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%2C728x90%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250&ifi=7&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794613191&lmt=1693830476&adxs=441%2C-12245933%2C980%2C980%2C495&adys=360%2C-12245933%2C991%2C1611%2C3770&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C13%7C14&ucis=4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&vis=1&psz=960x250%7C1600x-1%7C300x1245%7C300x1245%7C300x-1&msz=970x250%7C0x-1%7C300x600%7C300x600%7C300x-1&fws=0%2C640%2C512%2C512%2C4&ohw=0%2C0%2C0%2C0%2C650&ga_vid=1789139906.1693794608&ga_sid=1693794609&ga_hid=373171656&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yqcya8KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnMmvClMUgAUgIIZA..&dlt=1693794606980&idt=1664&ppid=92e47ef3-e5e4-4a9c-b6d4-2eb85344024c&prev_scp=divid%3Dskm-ad-flexbanner%26st%3Dflxban%26inview%3Dtrue%26loc%3D1%26impuuid%3D59abb4e8-d334-47af-953c-0d70351114cb%26inst%3D1%26stinst%3D1%26optimera%3DZ%2C0.80%26id%3Df7d00b9a-4aca-11ee-b76d-02210cbb4ca3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3DJJQsthREOVfDnmg1NqbuO_wAAAGKXgaxxgEAAAxZAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICCWkG-3%26amznp%3D8iyubk%26amznsz%3D728x90%26amznbid%3D4854w0%26boom_cpm%3D0.06%26boom_winner%3Dcriteo_display%26boom_size%3D970x250%7Cdivid%3Dskm-ad-frame2%26st%3Dframe2%26inview%3Dtrue%26close_control%3Denabled%26loc%3Dsticky%26impuuid%3D4a66fba7-4d47-4a2a-b079-e935bee7a118%26inst%3Ds1%26stinst%3Ds1%26optimera%3DZ%2C0.60%26id%3Df7d00b9b-4aca-11ee-b76d-02210cbb4ca3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3DJKSng8g0-OwxdPPpC3rwpNYAAAGKXgaxxgEAAAxZAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICD0cSRc%26amznp%3D8iyubk%26amznsz%3D728x90%26amznbid%3Dzavnr4%26boom_cpm%3D0.25%26boom_winner%3Dcriteo_display%26boom_size%3D728x90%7Cdivid%3Dskm-ad-flexrec-1%26st%3Dflxrec%26inview%3Dtrue%26loc%3D2%26impuuid%3D7b3c3691-7f7f-4169-98bb-788ab4f3fc83%26inst%3D2%26stinst%3D1%26optimera%3DZ%2C1.50%26id%3Df7d00b9c-4aca-11ee-b76d-02210cbb4ca3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26boom_cpm%3D0.30%26boom_winner%3Dcriteo_display%26boom_size%3D300x600%7Cdivid%3Dskm-ad-flexrec-rightrail%26st%3Dflxrec%26inview%3Dfalse%26loc%3D3%26impuuid%3D83b090e2-ad73-4aa7-bd72-58b27b1f8690%26inst%3D3%26stinst%3D2%26optimera%3DZ%2C1.00%26id%3Df7d00b9d-4aca-11ee-b76d-02210cbb4ca3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26boom_cpm%3D0.16%26boom_winner%3Dcriteo_display%26boom_size%3D300x600%7Cdivid%3Dskm-ad-medrec-03%26st%3Dmrec%26inview%3Dfalse%26loc%3D5%26impuuid%3D2c677554-0255-497b-8258-f3e70a4b61ac%26inst%3D4%26stinst%3D1%26optimera%3DZ%2C0.90%26id%3Df7d00b9e-4aca-11ee-b76d-02210cbb4ca3%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26boom_cpm%3D0.05%26boom_winner%3Dcriteo_display%26boom_size%3D300x250&cust_params=permutive%3D%26puid%3Db10f1680-a6f7-4e6e-8f05-6311e1399ca3%26ptime%3D1693794609682%26pvuuid%3D65e90d9a-880c-4922-8429-737d1e8accef%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D2907093993%26section%3Dcollections%26directory%3Dwalmart-packaging-change%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26refresh%3Dn%26admants%3DS_10087%252CS_10271%252CS_10955%252CS_11587%252CS_12403%252CS_12404%252CS_12747%252CS_4284%252CS_4288%252CS_4289%252CS_4304%252CS_4317%252CS_4359%252CS_5276%252CS_6202%252CS_6310%252CS_6650%252CS_6654%252CS_6655%252CS_6766%252CS_6768%252CS_6911%252CS_7077%252CS_8531%252CS_9094%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_3007008_PG%252CIAS_1500690_PG%252CIAS_1500154_PG%252CIAS_1500161_PG%252CIAS_8285_KW%252CIAS_13037_KW%252CIAS_5678_KW%252CIAS_1500092_PG%252CIAS_1500085_PG%26fr%3Dtrue%26batch%3D1%26boom_session%3D7bc16db4fa99a4&adks=912865269%2C1151207275%2C834674590%2C2186152529%2C2901818940&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55b60620a6c365edb54cd69c881cf1b3fcd63af96aa1c713966eebf2bee4089e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18723
x-xss-protection
0
google-lineitem-id
5748882211,5749486547,5747529099,5749534799,5749533821
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138357559817,138357597360,138357532778,138357940384,138357939916
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:13 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
c6b60b96d840a52993cc982716d6085ba61e214997b995a0d5e010b2cc4771bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
map
bcp.crwdcntrl.net/6/ 		156 B
614 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.179.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-179-35.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
09964579dccd832e5b330f30fa4abd2f9592e3dff5ea26a282dea745ba103287

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:13 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
x-server
10.40.2.37
access-control-allow-credentials
true
content-length
156
expires
0
truncated
/ Frame 6E30 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43b423e7f02994fd4211fc7508b806a8456b1a3fa50767aee2525d109dc7f396

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 23BF 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53ef1c32483e1b049069e2aededf746295a046b966c77b19084701fee4e7a33d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DFF5 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
635f787cc3f70572ea6f5dea895b8972fc66e2110243a090b7156e7d38557f68

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
pr
s.amazon-adsystem.com/v3/ Frame ECE3 		5 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
896076805bdc760cca1ae485f0eddecea7f62ecc470d247f84ccd8cc02ec6dd6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
5611
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
A5RV71F0VPF2BG2W53R0
css2
fonts.googleapis.com/ Frame 8777 		3 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
933ff38629199ba200d23e1a3afda3ca9cae06352169926a4609942ab4d3742b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Sep 2023 01:14:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Sep 2023 02:30:13 GMT
ping.gif
player-files.remixd.com/ Frame 8777 		43 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=playerImpression&userId=null&referrerUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&domain=shefinds.com&adDuration=&inViewDuration=&sessionDuration=1&sessionId=511ba057-36b0-4536-92ef-edee701ea9ac&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-guploader-uploadid
ADPycdtzoFBWQZHnU-T5USrj8x4Do1LxjxPPo7xGV4dFidA39-m3wAshYbY5_sz_g0-4XgkqQoddPmqbwaR3TUqeDE_iB12Kbm5y
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 03 Sep 2024 02:30:13 GMT
ping.gif
player-files.remixd.com/ Frame 8777 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loading&userId=null&referrerUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&domain=shefinds.com&adDuration=&inViewDuration=&sessionDuration=2&sessionId=511ba057-36b0-4536-92ef-edee701ea9ac&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-guploader-uploadid
ADPycdvbrvL0l7J3NYbPF7eRDkpNOf2kh8GJNgm7C5_1MjScvzalrtfic2TvNAplxARrTqyh6sLNJ-7ut7uHx1LC1TLwGIlgVLFI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 03 Sep 2024 02:30:13 GMT
ping.gif
player-files.remixd.com/ Frame 8777 		43 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player-files.remixd.com/ping.gif?action=loaded&userId=null&referrerUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&domain=shefinds.com&adDuration=&inViewDuration=&sessionDuration=3&sessionId=511ba057-36b0-4536-92ef-edee701ea9ac&volume=null&speed=1&position=null&mediaLength=null&isAMP=false
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.38.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
143.38.190.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-guploader-uploadid
ADPycdurAjoWnFcsP4tNbqvYbByFD3PMGa9PXCbisj3QIkPzo_c4gvswo5F3uWaXcw7-4h7ajH2kNlsbotaih-V_NYOMxnr0-8j0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
last-modified
Wed, 23 Oct 2019 15:45:02 GMT
server
UploadServer
etag
"cc8f8e28fe4d3aa85ca835a029fe08a5"
x-goog-generation
1571845502045744
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=CskzBw==, md5=zI+OKP5NOqhcqDWgKf4IpQ==
access-control-expose-headers
Content-Type
cache-control
no-cache, no-store, must-revalidate
x-goog-stored-content-length
43
accept-ranges
bytes
expires
Tue, 03 Sep 2024 02:30:13 GMT
/
onetag-geo.s-onetag.com/ 		50 B
456 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-71.jfk50.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:33:16 GMT
via
1.1 f7712655aa6587fbf06c55b40ebb2680.cloudfront.net (CloudFront), 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK50-P4
age
39416
x-amzn-requestid
d496aad8-c748-4d72-b5aa-7b97e87d98a0
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Kr8RkGx7iYcFZlw=
content-length
50
x-amz-cf-id
g88ZVzPB6LeDWJ-ywu-XQkpfg7z1f7w-mOJxqRpBSxrc3ECYMRUdWQ==
beacon.min.js
signal-beacon.s-onetag.com/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-8.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
bto3eb0o1YxjKQVMPWidTjdqvOBrBN1F
content-encoding
gzip
via
1.1 da79f1e019da644d2a3fd9e73f79a700.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 03:08:21 GMT
last-modified
Tue, 13 Jun 2023 14:58:24 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
age
84113
x-amz-server-side-encryption
AES256
etag
W/"565eb88b90415391668a5cb7cfb4557a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
1Spk79M6UX54-udDiQEFdHFBZm3Ap32anHta1qMfcHOSdEVV9XLFLg==
view
securepubads.g.doubleclick.net/pcs/ Frame 6E30 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssi2dW_hCggOXl7cOZp4Sa_kQ2nZ2QX8pVrdISTVngfoc80DRI8Vs2fL9ZyLkW4eFjKs3Kxmk-2RqAeNYlv9ws3P4C9MUn9NvULtwNrsHsO4Vf8GWZwfVcDAwxD--t97cKncQaUTXvPklD-YNUy3sWJMXnDSbATYQLJSdkjziDGzCtVKLC1zTZmFY8Uv5lfQEVyxRDVlNDAn0gd79lCLeCYy9nup3q4jOqj0GLHfVGEhiOAHP7Tn_8l3SAWm-FhdikItIrxvba_O8fhN7VQloZFpFwwEPoqh_osJCEjwSL-RxYxCXI-e2TB5JM7klwIsJIl5t8O2_e2gbZgD8vv1jS3P--7E1XqdtuxSsGjQn69Xo&sai=AMfl-YTivuw9yKHTq0T2pm9VxgZrko-xSF_NumGaxgygAS3PFibFxrhYBG4YCTi7TGdcSOq7sAWw9v1Y_qnSWL_2tevJuowqNbw-aK5bvmfau0K0kEOSkjxQ9dQ4B8vV44s&sig=Cg0ArKJSzCG81M3Fptb3EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:13 GMT
tag
pandg.tapad.com/ Frame 129E
Redirect Chain
  • https://feed.pghub.io/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architectur...
  • https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architect...
592 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22articles%22%7D
Requested by
Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
108d7513aeceecc3b62fda5e963e167eaeb74295c5fb5737847ac454182f171e
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA Sec-CH-UA-Arch Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-Mobile Sec-CH-UA-Model Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-WoW64
access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Mon, 04 Sep 2023 02:30:13 GMT
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-length
0
date
Mon, 04 Sep 2023 02:30:13 GMT
location
https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22articles%22%7D
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame DFF5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvJfVJW6WfU7kT5Q7hK49NlRRYHyW1ftAn0xndgo3TKa2jRW1XN26PQSk-Va8mfyOd7-CjOoeboHsmDf1ztc7ikW-sfvxAC26UhNErAB7Uhi69ScvbR06KendQru5UzYivZhLgTPgTpikTZYwKBhRMEZGORJPZrQqPHGExiFbZSSTS_dpNNYhfBEMIrn6bsi-d7_JZUTf1dHTdSAjtqTco42Eyo6e1CJFMBtLP3cAPfi4IiFYobMLJsV0_OWciqE0isjjfbQmZT7ldFdxY_sh-p_1RQmujhMeMpKLMvWWVQJXz6-NLZ0MjwGEueLU-JMYy-vgwoBT7LmHq_EEMGjkKKH5f0LVCZLb1pFMH&sai=AMfl-YRKp_SyhMDWXCcZuB-XDGmauDfU20dCisBUAW4m0WpbgpydwZddnySkI5hzTneKSeoIvOYPMv4ZUqz4zekuJuP2MWOo2a6o-B3gF6dJlilTac8N630Pyvjzobn3-ls&sig=Cg0ArKJSzHCIMgY9nwP6EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:13 GMT
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=1&d=eyJzaXRlSWQiOiJzaGVrbm93cyIsInVybCI6Imh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2UvIiwiYWRVbml0IjoiLzIxODI0NzI5NDc1L3NoZWZpbmRzLXNoZWZpbmRzLWRlc2t0b3AtNzI4eDkwXzEiLCJhZFNlcnZlckRldGFpbHMiOnsiYWR2ZXJ0aXNlcklkIjoiNDk5OTI5NDc4MyIsImNhbXBhaWduSWQiOiIzMDg4NTE2MjkyIiwiY3JlYXRpdmVJZCI6IjEzODQwNjkwNjExMCIsImxpbmVpdGVtSWQiOiI2MTI2OTA3NDMwIiwiYWRTZXJ2ZXIiOiJkZnAifSwid2lkdGgiOjcyOCwiaGVpZ2h0Ijo5MCwid3YiOiIxLjAuMCtlMDlmMTBmIiwiYnYiOiJibC1jMjViMjAzLTNhMDQzOGJjO2ItZTA5ZjEwZi02MzU3MWE4NiIsIm1ldGEiOnsiYmxhY2tsaXN0U3RhdHVzIjp7ImxvYWRlZCI6dHJ1ZSwiY291bnQiOjE1MDQsImZpcnN0SXRlbSI6eyJ0IjoibXV6bmFiY2xpY2tzLmNvbSIsImEiOjEwfX0sImJsb2NrZWRJbmZvIjp7InJlZnJlc2hlZENvdW50IjowLCJibG9ja2VkQ291bnQiOjB9LCJwbFJhdGlvIjowLjAyLCJJQUJDb25zZW50U3RyaW5nIjp7InVzcGFwaSI6W3sidmVyc2lvbiI6MSwidXNwU3RyaW5nIjoiMS0tLSJ9XX19LCJ0YWdNYXJrdXAiOiI8aHRtbD48aGVhZD48c2NyaXB0IHNyYz1cImh0dHBzOi8vdGFnYW4uYWRsaWdodG5pbmcuY29tL3NoZWtub3dzL2ItZTA5ZjEwZi02MzU3MWE4Ni5qc1wiIHR5cGU9XCJ0ZXh0L2phdmFzY3JpcHRcIj48L3NjcmlwdD48c2NyaXB0PndpbmRvd1tcIjIxODQ1ODMxX3NoZWtub3dzXCJdID0gd2luZG93W1wiMjE4NDU4MzFfc2hla25vd3NcIl0gfHwge307d2luZG93W1wiMjE4NDU4MzFfc2hla25vd3NcIl0udGFnRGV0YWlscyA9IHdpbmRvd1tcIjIxODQ1ODMxX3NoZWtub3dzXCJdLnRhZ0RldGFpbHMgfHwge1wic2l0ZUlkXCI6XCJzaGVrbm93c1wiLFwid3ZcIjpcIjEuMC4wK2UwOWYxMGZcIixcImJsdlwiOlwiYmwtYzI1YjIwMy0zYTA0MzhiY1wiLFwiYnZcIjpcImItZTA5ZjEwZi02MzU3MWE4NlwiLFwidG9wRG9tYWluXCI6XCJodHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL1wiLFwiY3VycmVudFRhZ0lkXCI6XCJhZGx0YWdfbG00OWt1d3JfZGQ0RjVjM0ZteGVcIixcImF1XCI6XCIvMjE4MjQ3Mjk0NzUvc2hlZmluZHMtc2hlZmluZHMtZGVza3RvcC03Mjh4OTBfMVwiLFwic2xvdEVsZW1lbnRJZFwiOlwiZ29vZ2xlLXRhZy03Mjh4OTAtMVwiLFwicmVmcmVzaGVzUmVtYWluaW5nXCI6MixcImJsb2NrZWRDb3VudFwiOjAsXCJhZFNlcnZlckRldGFpbHNcIjp7XCJhZHZlcnRpc2VySWRcIjpcIjQ5OTkyOTQ3ODNcIixcImNhbXBhaWduSWRcIjpcIjMwODg1MTYyOTJcIixcImNyZWF0aXZlSWRcIjpcIjEzODQwNjkwNjExMFwiLFwibGluZWl0ZW1JZFwiOlwiNjEyNjkwNzQzMFwiLFwiYWRTZXJ2ZXJcIjpcImRmcFwifSxcIndcIjo3MjgsXCJoXCI6OTAsXCJJQUJDb25zZW50U3RyaW5nXCI6e1widXNwYXBpXCI6W3tcInZlcnNpb25cIjoxLFwidXNwU3RyaW5nXCI6XCIxLS0tXCJ9XX19O3dpbmRvdy5ibG9ja2VyICYmIGJsb2NrZXIoXCIyMTg0NTgzMV9zaGVrbm93c1wiLCBcIjwhLS1BRExfV1JBUFBFRC0tPlwiLCBmYWxzZSwgd2luZG93LCB7XCJyZWZyZXNoTWVzc2FnZVwiOlwidHJ1ZVwifSk7PC9zY3JpcHQ%2BPHNjcmlwdD52YXIgaW5EYXBJRj10cnVlLGluR3B0SUY9dHJ1ZTs8L3NjcmlwdD48c2NyaXB0IHNyYz1cImh0dHBzOi8vYWRzLmJpZHN0cmVhbXNlcnZlci5jb20vc2VydmxldC92aWV3L2Jhbm5lci9qYXZhc2NyaXB0L3pvbmU%2FemlkPTQ2MiZhbXA7ZnJpZW5kbHk9ZnJpZW5kbHlfNjA2NTM5MjYmYW1wO3BpZD0xJmFtcDtyZWZyZXNoPTYwJmFtcDtyZWZyZXNoX2xpbWl0PTEmYW1wO3JtcGlkPXRydWUmYW1wO3JhbmRvbT02MDY1MzkyNiZhbXA7ZW5jb2RlPTEmYW1wO29yaWdpbj1odHRwcyUzQSUyRiUyRnd3dy5zaGVmaW5kcy5jb20mYW1wO3JlZmVycmVyPWh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2UvXCI%2BPC9zY3JpcHQ%2BPG1ldGEgaHR0cC1lcXVpdj1cIm9yaWdpbi10cmlhbFwiIGNvbnRlbnQ9XCJBLzZobXd4OERwSHVkNjEzZlNZWWEyQzJUNjFpQzUxM1Y0QllHL3BCSDR6czVzR3NVYzlSZ2FQS2hmazNKaEhGMzBOLzkvTm50V3pFcTI4a2tyTXhwZ1FBQUFCd2V5SnZjbWxuYVc0aU9pSm9kSFJ3Y3pvdkwyRmtMbVJ2ZFdKc1pXTnNhV05yTG01bGREbzBORE1pTENKbVpXRjBkWEpsSWpvaVVHVnVaR2x1WjBKbFlXTnZia0ZRU1NJc0ltVjRjR2x5ZVNJNk1UWTNPREl6TXpVNU9Td2lhWE5VYUdseVpGQmhjblI1SWpwMGNuVmxmUT09XCI%2BPC9oZWFkPjxib2R5IGxlZnRtYXJnaW49XCIwXCIgdG9wbWFyZ2luPVwiMFwiIG1hcmdpbndpZHRoPVwiMFwiIG1hcmdpbmhlaWdodD1cIjBcIj48c2NyaXB0PndpbmRvdy5kaWNuZiA9IHt9Ozwvc2NyaXB0PjxzY3JpcHQgZGF0YS1qYz1cIjQyXCIgZGF0YS1qYy12ZXJzaW9uPVwicjIwMjMwODMwXCIgZGF0YS1qYy1mbGFncz1cIlsmcXVvdDt4JTI3ODQ0Nic5ZWZvdG0oJmFtcDsyMDA2Nzs%2BOCZhbXA7PmBkb3BiLyU8MTczMjI2MSE9fHZxYykhNzIwMTA2MT8nOWVmb3RtKCZhbXA7MjA3MjM7PjomYW1wOz5gZG9wYn4mcXVvdDtdXCI%2BKGZ1bmN0aW9uKCl7LyogIENvcHlyaWdodCBUaGUgQ2xvc3VyZSBMaWJyYXJ5IEF1dGhvcnMuIFNQRFgtTGljZW5zZS1JZGVudGlmaWVyOiBBcGFjaGUtMi4wICovICd1c2Ugc3RyaWN0Jzt2YXIgdD10aGlzfHxzZWxmO3ZhciB2LHg7YTp7Zm9yKHZhciBhYT1bXCJDTE9TVVJFX0ZMQUdTXCJdLHk9dCx6PTA7ejxhYS5sZW5ndGg7eisrKWlmKHk9eVthYVt6XV0sbnVsbD09eSl7eD1udWxsO2JyZWFrIGF9eD15fXZhciBiYT14JiZ4WzYxMDQwMTMwMV07dj1udWxsIT1iYT9iYTohMTt2YXIgQjtjb25zdCBjYT10Lm5hdmlnYXRvcjtCPWNhP2NhLnVzZXJBZ2VudERhdGF8fG51bGw6bnVsbDtmdW5jdGlvbiBFKGEpe3JldHVybiB2P0I%2FQi5icmFuZHMuc29tZSgoe2JyYW5kOmJ9KT0%2BYiYmLTEhPWIuaW5kZXhPZihhKSk6ITE6ITF9ZnVuY3Rpb24gRihhKXt2YXIgYjthOntpZihiPXQubmF2aWdhdG9yKWlmKGI9Yi51c2VyQWdlbnQpYnJlYWsgYTtiPVwiXCJ9cmV0dXJuLTEhPWIuaW5kZXhPZihhKX07ZnVuY3Rpb24gRygpe3JldHVybiB2PyEhQiYmMDxCLmJyYW5kcy5sZW5ndGg6ITF9ZnVuY3Rpb24gSCgpe3JldHVybiBHKCk%2FRShcIkNocm9taXVtXCIpOihGKFwiQ2hyb21lXCIpfHxGKFwiQ3JpT1NcIikpJiYhKEcoKT8wOkYoXCJFZGdlXCIpKXx8RihcIlNpbGtcIil9O2Z1bmN0aW9uIEkoYSl7SVtcIiBcIl0oYSk7cmV0dXJuIGF9SVtcIiBcIl09ZnVuY3Rpb24oKXt9OyFGKFwiQW5kcm9pZFwiKXx8SCgpO0goKTtGKFwiU2FmYXJpXCIpJiYoSCgpfHwoRygpPzA6RihcIkNvYXN0XCIpKXx8KEcoKT8wOkYoXCJPcGVyYVwiKSl8fChHKCk%2FMDpGKFwiRWRnZVwiKSl8fChHKCk%2FRShcIk1pY3Jvc29mdCBFZGdlXCIpOkYoXCJFZGcvXCIpKXx8RygpJiZFKFwiT3BlcmFcIikpO3ZhciBkYT17fSxKPW51bGw7Y29uc3QgSz1TeW1ib2woKTtmdW5jdGlvbiBlYShhKXtjb25zdCBiPWFbS118MDsxIT09KGImMSkmJihPYmplY3QuaXNGcm96ZW4oYSkmJihhPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpKSxhW0tdPWJ8MSl9ZnVuY3Rpb24gZmEoKXt2YXIgYT1bXTthW0tdfD0xO3JldHVybiBhfWZ1bmN0aW9uIGhhKGEpe2E9YT4%2BMTEmMTAyMztyZXR1cm4gMD09PWE%2FNTM2ODcwOTEyOmF9O3ZhciBpYT17fTtmdW5jdGlvbiBMKGEpe3JldHVybiBudWxsIT09YSYmXCJvYmplY3RcIj09PXR5cGVvZiBhJiYhQXJyYXkuaXNBcnJheShhKSYmYS5jb25zdHJ1Y3Rvcj09PU9iamVjdH1sZXQgamE7dmFyIE07Y29uc3Qga2E9W107a2FbS109Mzk7TT1PYmplY3QuZnJlZXplKGthKTtmdW5jdGlvbiBvYShhKXtpZihcImJvb2xlYW5cIiE9PXR5cGVvZiBhKXt2YXIgYj10eXBlb2YgYTt0aHJvdyBFcnJvcihgRXhwZWN0ZWQgYm9vbGVhbiBidXQgZ290ICR7XCJvYmplY3RcIiE9Yj9iOmE%2FQXJyYXkuaXNBcnJheShhKT9cImFycmF5XCI6YjpcIm51bGxcIn06ICR7YX1gKTt9cmV0dXJuISFhfTtsZXQgcGE7ZnVuY3Rpb24gcWEoYSxiKXtyZXR1cm4gcmEoYil9ZnVuY3Rpb24gcmEoYSl7c3dpdGNoKHR5cGVvZiBhKXtjYXNlIFwibnVtYmVyXCI6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgXCJib29sZWFuXCI6cmV0dXJuIGE%2FMTowO2Nhc2UgXCJvYmplY3RcIjppZihhJiYhQXJyYXkuaXNBcnJheShhKSYmbnVsbCE9YSYmYSBpbnN0YW5jZW9mIFVpbnQ4QXJyYXkpe2xldCBiPVwiXCIsYz0wO2NvbnN0IGQ9YS5sZW5ndGgtMTAyNDA7Zm9yKDtjPGQ7KWIrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxhLnN1YmFycmF5KGMsYys9MTAyNDApKTtiKz1TdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsYz9hLnN1YmFycmF5KGMpOmEpO3JldHVybiBidG9hKGIpfX1yZXR1cm4gYX07ZnVuY3Rpb24gc2EoYSxiLGMsZCxlLGYpe2lmKG51bGwhPWEpe2lmKEFycmF5LmlzQXJyYXkoYSkpYT1lJiYwPT1hLmxlbmd0aCYmKGFbS118MCkmMT92b2lkIDA6ZiYmKGFbS118MCkmMj9hOnRhKGEsYixjLHZvaWQgMCE9PWQsZSxmKTtlbHNlIGlmKEwoYSkpe2NvbnN0IGc9e307Zm9yKGxldCBoIGluIGEpZ1toXT1zYShhW2hdLGIsYyxkLGUsZik7YT1nfWVsc2UgYT1iKGEsZCk7cmV0dXJuIGF9fWZ1bmN0aW9uIHRhKGEsYixjLGQsZSxmKXtjb25zdCBnPWR8fGM%2FYVtLXXwwOjA7ZD1kPyEhKGcmMzIpOnZvaWQgMDthPUFycmF5LnByb3RvdHlwZS5zbGljZS5jYWxsKGEpO2ZvcihsZXQgaD0wO2g8YS5sZW5ndGg7aCsrKWFbaF09c2EoYVtoXSxiLGMsZCxlLGYpO2MmJmMoZyxhKTtyZXR1cm4gYX1mdW5jdGlvbiB1YShhKXtyZXR1cm4gYS52PT09aWE%2FYS50b0pTT04oKTpyYShhKX07ZnVuY3Rpb24gdmEoYSxiLGMpe2NvbnN0IGQ9YS5qLGU9ZFtLXTtpZihlJjIpdGhyb3cgRXJyb3IoKTt3YShkLGUsYixjKTtyZXR1cm4gYX1mdW5jdGlvbiB3YShhLGIsYyxkKXt2YXIgZT1oYShiKTtpZihjPj1lKXtsZXQgZj1iO2lmKGImMjU2KWU9YVthLmxlbmd0aC0xXTtlbHNle2lmKG51bGw9PWQpcmV0dXJuO2U9YVtlKygrISEoYiY1MTIpLTEpXT17fTtmfD0yNTZ9ZVtjXT1kO2YhPT1iJiYoYVtLXT1mKX1lbHNlIGFbYysoKyEhKGImNTEyKS0xKV09ZCxiJjI1NiYmKGE9YVthLmxlbmd0aC0xXSxjIGluIGEmJmRlbGV0ZSBhW2NdKX1mdW5jdGlvbiBOKGEsYixjKXtpZihudWxsIT1jJiZcInN0cmluZ1wiIT09dHlwZW9mIGMpdGhyb3cgRXJyb3IoKTtyZXR1cm4gdmEoYSxiLGMpfTt2YXIgTz1jbGFzc3tjb25zdHJ1Y3Rvcigpe2E6e3ZhciBhPXZvaWQgMDtudWxsPT1hJiYoYT1wYSk7cGE9dm9pZCAwO2lmKG51bGw9PWEpe3ZhciBiPTk2O2E9W119ZWxzZXtpZighQXJyYXkuaXNBcnJheShhKSl0aHJvdyBFcnJvcigpO2I9YVtLXXwwO2lmKGImNjQpYnJlYWsgYTt2YXIgYz1hO2J8PTY0O3ZhciBkPWMubGVuZ3RoO2lmKGQpe3ZhciBlPWQtMTtkPWNbZV07aWYoTChkKSl7Ynw9MjU2O2NvbnN0IGY9KyEhKGImNTEyKS0xO2UtPWY7aWYoMTAyNDw9ZSl7ZT0xMDIzK2Y7Y29uc3QgZz1jLmxlbmd0aDtmb3IobGV0IGg9ZTtoPGc7aCsrKXtjb25zdCBrPWNbaF07bnVsbCE9ayYmayE9PWQmJihkW2gtZl09ayl9Yy5sZW5ndGg9ZSsxO2NbZV09ZDtlPTEwMjN9Yj1iJi0yMDk1MTA1fChlJjEwMjMpPDwxMX19fWFbS109Yn10aGlzLmo9YX10b0pTT04oKXtpZihqYSl2YXIgYT14YSh0aGlzLHRoaXMuaiwhMSk7ZWxzZSBhPXRhKHRoaXMuaix1YSx2b2lkIDAsdm9pZCAwLCExLCExKSwgYT14YSh0aGlzLGEsITApO3JldHVybiBhfX07Ty5wcm90b3R5cGUudj1pYTtPLnByb3RvdHlwZS50b1N0cmluZz1mdW5jdGlvbigpe3JldHVybiB4YSh0aGlzLHRo&i=1-6&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=a415c6f06bcfe90a1dc0ddb191cee85&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
EXCvc42fd_nPefysgwtug6mbXr2Am4bE4Kj-DB8qJKqBj9WZdhbgFA==
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=1&d=aXMuaiwhMSkudG9TdHJpbmcoKX07IGZ1bmN0aW9uIHhhKGEsYixjKXt2YXIgZD1hLmNvbnN0cnVjdG9yLkEsZT1oYSgoYz9hLmo6YilbS10pLGY9ITE7aWYoZCl7aWYoIWMpe2I9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYik7dmFyIGc7aWYoYi5sZW5ndGgmJkwoZz1iW2IubGVuZ3RoLTFdKSlmb3IoZj0wO2Y8ZC5sZW5ndGg7ZisrKWlmKGRbZl0%2BPWUpe09iamVjdC5hc3NpZ24oYltiLmxlbmd0aC0xXT17fSxnKTticmVha31mPSEwfWU9YjtjPSFjO2c9YS5qW0tdO2E9aGEoZyk7Zz0rISEoZyY1MTIpLTE7dmFyIGg7Zm9yKGxldCBxPTA7cTxkLmxlbmd0aDtxKyspe3ZhciBrPWRbcV07aWYoazxhKXtrKz1nO3ZhciBsPWVba107bnVsbD09bD9lW2tdPWM%2FTTpmYSgpOmMmJmwhPT1NJiZlYShsKX1lbHNle2lmKCFoKXt2YXIgbT12b2lkIDA7ZS5sZW5ndGgmJkwobT1lW2UubGVuZ3RoLTFdKT9oPW06ZS5wdXNoKGg9e30pfWw9aFtrXTtudWxsPT1oW2tdP2hba109Yz9NOmZhKCk6YyYmbCE9PU0mJmVhKGwpfX19ZD1iLmxlbmd0aDsgaWYoIWQpcmV0dXJuIGI7bGV0IG4scDtpZihMKGg9YltkLTFdKSl7YTp7dmFyIHI9aDttPXt9O2U9ITE7Zm9yKGxldCBxIGluIHIpYz1yW3FdLEFycmF5LmlzQXJyYXkoYykmJmMhPWMmJihlPSEwKSxudWxsIT1jP21bcV09YzplPSEwO2lmKGUpe2ZvcihsZXQgcSBpbiBtKXtyPW07YnJlYWsgYX1yPW51bGx9fXIhPWgmJihuPSEwKTtkLS19Zm9yKDswPGQ7ZC0tKXtoPWJbZC0xXTtpZihudWxsIT1oKWJyZWFrO3A9ITB9aWYoIW4mJiFwKXJldHVybiBiO3ZhciB1O2Y%2FdT1iOnU9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYiwwLGQpO2I9dTtmJiYoYi5sZW5ndGg9ZCk7ciYmYi5wdXNoKHIpO3JldHVybiBifTt2YXIgUD1jbGFzc3tjb25zdHJ1Y3RvcihhLGI9ITEpe3RoaXMua2V5PWE7dGhpcy5kZWZhdWx0VmFsdWU9Yjt0aGlzLnZhbHVlVHlwZT1cImJvb2xlYW5cIn19O3ZhciB5YT1uZXcgUChcIjQ1MzY4MjU5XCIpLHphPW5ldyBQKFwiNDUzNTcxNTZcIiwhMCksQWE9bmV3IFAoXCI0NTM1MDg5MFwiKSxCYT1uZXcgUChcIjQ1NDE0ODkyXCIpO3ZhciBRPShhLGIpPT5cIiZhZHVybD1cIj09YS5zdWJzdHJpbmcoYS5sZW5ndGgtNyk%2FYS5zdWJzdHJpbmcoMCxhLmxlbmd0aC03KStiK1wiJmFkdXJsPVwiOmErYjtmdW5jdGlvbiBDYShhLGIsYyl7YS5hZGRFdmVudExpc3RlbmVyJiZhLmFkZEV2ZW50TGlzdGVuZXIoYixjLCExKX07dmFyIERhPVJlZ0V4cChcIl4oPzooW146Lz8jLl0rKTopPyg%2FOi8vKD86KFteXFxcXFxcXFwvPyNdKilAKT8oW15cXFxcXFxcXC8%2FI10qPykoPzo6KFswLTldKykpPyg%2FPVtcXFxcXFxcXC8%2FI118JCkpPyhbXj8jXSspPyg%2FOlxcXFw%2FKFteI10qKSk%2FKD86IyhbXFxcXHNcXFxcU10qKSk%2FJFwiKTtmdW5jdGlvbiBFYShhLGIsYyxkKXtmb3IodmFyIGU9Yy5sZW5ndGg7MDw9KGI9YS5pbmRleE9mKGMsYikpJiZiPGQ7KXt2YXIgZj1hLmNoYXJDb2RlQXQoYi0xKTtpZigzOD09Znx8NjM9PWYpaWYoZj1hLmNoYXJDb2RlQXQoYitlKSwhZnx8NjE9PWZ8fDM4PT1mfHwzNT09ZilyZXR1cm4gYjtiKz1lKzF9cmV0dXJuLTF9dmFyIEZhPS8jfCQvOyBmdW5jdGlvbiBHYShhKXt2YXIgYj1hLnNlYXJjaChGYSksYz1FYShhLDAsXCJhc2VcIixiKTtpZigwPmMpcmV0dXJuIG51bGw7dmFyIGQ9YS5pbmRleE9mKFwiJlwiLGMpO2lmKDA%2BZHx8ZD5iKWQ9YjtyZXR1cm4gZGVjb2RlVVJJQ29tcG9uZW50KGEuc2xpY2UoYys0LC0xIT09ZD9kOjApLnJlcGxhY2UoL1xcKy9nLFwiIFwiKSl9dmFyIEhhPS9bPyZdKCR8IykvOyBmdW5jdGlvbiBJYShhLGIpe2Zvcih2YXIgYz1hLnNlYXJjaChGYSksZD0wLGUsZj1bXTswPD0oZT1FYShhLGQsXCJuaXNcIixjKSk7KWYucHVzaChhLnN1YnN0cmluZyhkLGUpKSxkPU1hdGgubWluKGEuaW5kZXhPZihcIiZcIixlKSsxfHxjLGMpO2YucHVzaChhLnNsaWNlKGQpKTthPWYuam9pbihcIlwiKS5yZXBsYWNlKEhhLFwiJDFcIik7KGI9XCJuaXNcIisobnVsbCE9Yj9cIj1cIitlbmNvZGVVUklDb21wb25lbnQoU3RyaW5nKGIpKTpcIlwiKSk%2FKGM9YS5pbmRleE9mKFwiI1wiKSwwPmMmJihjPWEubGVuZ3RoKSxkPWEuaW5kZXhPZihcIj9cIiksMD5kfHxkPmM%2FKGQ9YyxlPVwiXCIpOmU9YS5zdWJzdHJpbmcoZCsxLGMpLGE9W2Euc2xpY2UoMCxkKSxlLGEuc2xpY2UoYyldLGM9YVsxXSxhWzFdPWI%2FYz9jK1wiJlwiK2I6YjpjLGI9YVswXSsoYVsxXT9cIj9cIithWzFdOlwiXCIpK2FbMl0pOmI9YTtyZXR1cm4gYn07ZnVuY3Rpb24gSmEoKXtpZighZ2xvYmFsVGhpcy5jcnlwdG8pcmV0dXJuIE1hdGgucmFuZG9tKCk7dHJ5e2NvbnN0IGE9bmV3IFVpbnQzMkFycmF5KDEpO2dsb2JhbFRoaXMuY3J5cHRvLmdldFJhbmRvbVZhbHVlcyhhKTtyZXR1cm4gYVswXS82NTUzNi82NTUzNn1jYXRjaHtyZXR1cm4gTWF0aC5yYW5kb20oKX19ZnVuY3Rpb24gS2EoYSxiKXtpZihhKWZvcihjb25zdCBjIGluIGEpT2JqZWN0LnByb3RvdHlwZS5oYXNPd25Qcm9wZXJ0eS5jYWxsKGEsYykmJmIoYVtjXSxjLGEpfWZ1bmN0aW9uIExhKGE9ZG9jdW1lbnQpe3JldHVybiBhLmNyZWF0ZUVsZW1lbnQoXCJpbWdcIil9O2Z1bmN0aW9uIE1hKGEsYj1udWxsKXtOYShhLGIpfWZ1bmN0aW9uIE5hKGEsYil7dC5nb29nbGVfaW1hZ2VfcmVxdWVzdHN8fCh0Lmdvb2dsZV9pbWFnZV9yZXF1ZXN0cz1bXSk7Y29uc3QgYz1MYSh0LmRvY3VtZW50KTtpZihiKXtjb25zdCBkPWU9PntiJiZiKGUpO2MucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYy5yZW1vdmVFdmVudExpc3RlbmVyKFwibG9hZFwiLGQsITEpO2MucmVtb3ZlRXZlbnRMaXN0ZW5lciYmYy5yZW1vdmVFdmVudExpc3RlbmVyKFwiZXJyb3JcIixkLCExKX07Q2EoYyxcImxvYWRcIixkKTtDYShjLFwiZXJyb3JcIixkKX1jLnNyYz1hO3QuZ29vZ2xlX2ltYWdlX3JlcXVlc3RzLnB1c2goYyl9O2xldCBPYT0wO2Z1bmN0aW9uIFBhKGEsYj1udWxsKXtyZXR1cm4gYiYmYi5nZXRBdHRyaWJ1dGUoXCJkYXRhLWpjXCIpPT09U3RyaW5nKGEpP2I6ZG9jdW1lbnQucXVlcnlTZWxlY3RvcihgWyR7XCJkYXRhLWpjXCJ9PVwiJHthfVwiXWApfTtmdW5jdGlvbiBSKGEpe1RhfHwoVGE9bmV3IFVhKTtjb25zdCBiPVRhLmdbYS5rZXldO2lmKFwicHJvdG9cIj09PWEudmFsdWVUeXBlKXt0cnl7Y29uc3QgYz1KU09OLnBhcnNlKGIpO2lmKEFycmF5LmlzQXJyYXkoYykpcmV0dXJuIGN9Y2F0Y2goYyl7fXJldHVybiBhLmRlZmF1bHRWYWx1ZX1yZXR1cm4gdHlwZW9mIGI9PT10eXBlb2YgYS5kZWZhdWx0VmFsdWU%2FYjphLmRlZmF1bHRWYWx1ZX12YXIgVmE9Y2xhc3N7Y29uc3RydWN0b3IoKXt0aGlzLmc9e319fTt2YXIgVWE9Y2xhc3MgZXh0ZW5kcyBWYXtjb25zdHJ1Y3Rvcigpe3N1cGVyKCk7dmFyIGE9UGEoT2EsZG9jdW1lbnQuY3VycmVudFNjcmlwdCk7YT1hJiZhLmdldEF0dHJpYnV0ZShcImRhdGEtamMtZmxhZ3NcIil8fFwiXCI7dHJ5e2NvbnN0IGI9SlNPTi5wYXJzZShhKVswXTthPVwiXCI7Zm9yKGxldCBjPTA7YzxiLmxlbmd0aDtjKyspYSs9U3RyaW5nLmZyb21DaGFyQ29kZShiLmNoYXJDb2RlQXQoYyleXCJcXHUwMDAzXFx1MDAwN1xcdTAwMDNcXHUwMDA3XFxiXFx1MDAwNFxcdTAwMDRcXHUwMDA2XFx1MDAwNVxcdTAwMDNcIi5jaGFyQ29kZUF0KGMlMTApKTt0aGlzLmc9SlNPTi5wYXJzZShhKX1jYXRjaChiKXt9fX0sVGE7Y2xhc3MgV2F7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmVycm9yPWE7dGhpcy5jb250ZXh0PWIuY29udGV4dDt0aGlzLm1zZz1iLm1lc3NhZ2V8fFwiXCI7dGhpcy5pZD1iLmlkfHxcImpzZXJyb3JcIjt0aGlzLm1ldGE9e319fTtjb25zdCBYYT1SZWdFeHAoXCJeaHR0cHM%2FOi8vKFxcXFx3fC0pK1xcXFwuY2RuXFxcXC5hbXBwcm9qZWN0XFxcXC4obmV0fG9yZykoXFxcXD98L3wkKVwiKTt2YXIgWWE9Y2xhc3N7Y29uc3RydWN0b3IoYSxiKXt0aGlzLmc9YTt0aGlzLmg9Yn19LFphPWNsYXNze2NvbnN0cnVjdG9yKGEsYil7dGhpcy51cmw9YTt0aGlzLm89ISFiO3RoaXMuZGVwdGg9bnVsbH19O2xldCBTPW51bGw7ZnVuY3Rpb24gJGEoKXtjb25zdCBhPXQucGVyZm9ybWFuY2U7cmV0dXJuIGEmJmEubm93JiZhLnRpbWluZz9NYXRoLmZsb29yKGEubm93KCkrYS50aW1pbmcubmF2aWdhdGlvblN0YXJ0KTpEYXRlLm5vdygpfWZ1bmN0aW9uIGFiKCl7Y29uc3QgYT10LnBlcmZvcm1hbmNlO3JldHVybiBhJiZhLm5vdz9hLm5vdygpOm51bGx9O3ZhciBiYj1jbGFzc3tjb25zdHJ1Y3RvcihhLGIpe3ZhciBjPWFiKCl8fCRhKCk7dGhpcy5sYWJlbD1hO3RoaXMudHlwZT1iO3RoaXMudmFsdWU9Yzt0aGlzLmR1cmF0aW9uPTA7dGhpcy50YXNrSWQ9dGhpcy5zbG90SWQ9dm9pZCAwO3RoaXMudW5pcXVlSWQ9TWF0aC5yYW5kb20oKX19O2NvbnN0IFQ9dC5wZXJmb3JtYW5jZSxjYj0hIShUJiZULm1hcmsmJlQubWVhc3VyZSYmVC5jbGVhck1hcmtzKSxWPWZ1bmN0aW9uKGEpe2xldCBiPSExLGM7cmV0dXJuIGZ1bmN0aW9uKCl7Ynx8KGM9YSgpLGI9ITApO3JldHVybiBjfX0oKCk9Pnt2YXIgYTtpZihhPWNiKXt2YXIgYjtpZihudWxsPT09Uyl7Uz1cIlwiO3RyeXthPVwiXCI7dHJ5e2E9dC50b3AubG9jYXRpb24uaGFzaH1jYXRjaChjKXthPXQubG9jYXRpb24uaGFzaH1hJiYoUz0oYj1hLm1hdGNoKC9cXGJkZWlkPShbXFxkLF0rKS8pKT9iWzFdOlwiXCIpfWNhdGNoKGMpe319Yj1TO2E9ISFiLmluZGV4T2YmJjA8PWIuaW5kZXhPZihcIjEzMzdcIil9cmV0dXJuIGF9KTtmdW5jdGlvbiBkYihhKXthJiZUJiZWKCkmJihULmNsZWFyTWFya3MoYGdvb2dfJHthLmxhYmVsfV8ke2EudW5pcXVlSWR9X3N0YXJ0YCksVC5jbGVhck1hcmtzKGBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgKSl9IGNsYXNzIGVie2NvbnN0cnVjdG9yKCl7dmFyIGE9d2luZG93O3RoaXMuaD1bXTt0aGlzLmk9YXx8dDtsZXQgYj1udWxsO2EmJihhLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWU9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlfHxbXSx0aGlzLmg9YS5nb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlLGI9YS5nb29nbGVfbWVhc3VyZV9qc190aW1pbmcpO3RoaXMuZz1WKCl8fChudWxsIT1iP2I6MT5NYXRoLnJhbmRvbSgpKX1zdGFydChhLGIpe2lmKCF0aGlzLmcpcmV0dXJuIG51bGw7YT1uZXcgYmIoYSxiKTtiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9zdGFydGA7VCYmVigpJiZULm1hcmsoYik7cmV0dXJuIGF9ZW5kKGEpe2lmKHRoaXMuZyYmXCJudW1iZXJcIj09PXR5cGVvZiBhLnZhbHVlKXthLmR1cmF0aW9uPShhYigpfHwkYSgpKS1hLnZhbHVlO3ZhciBiPWBnb29nXyR7YS5sYWJlbH1fJHthLnVuaXF1ZUlkfV9lbmRgO1QmJlYoKSYmVC5tYXJrKGIpOyF0aGlzLmd8fDIwNDg8IHRoaXMuaC5sZW5ndGh8fHRoaXMuaC5wdXNoKGEpfX19O2Z1bmN0aW9uIFcoYSxiKXtjb25zdCBjPXt9O2NbYV09YjtyZXR1cm5bY119ZnVuY3Rpb24gZmIoYSxiLGMsZCxlKXtjb25zdCBmPVtdO0thKGEsZnVuY3Rpb24oZyxoKXsoZz1nYihnLGIsYyxkLGUpKSYmZi5wdXNoKGgrXCI9XCIrZyl9KTtyZXR1cm4gZi5qb2luKGIpfSBmdW5jdGlvbiBnYihhLGIsYyxkLGUpe2lmKG51bGw9PWEpcmV0dXJuXCJcIjtiPWJ8fFwiJlwiO2M9Y3x8XCIsJFwiO1wic3RyaW5nXCI9PXR5cGVvZiBjJiYoYz1jLnNwbGl0KFwiXCIpKTtpZihhIGluc3RhbmNlb2YgQXJyYXkpe2lmKGQ9ZHx8MCxkPGMubGVuZ3RoKXtjb25zdCBmPVtdO2ZvcihsZXQgZz0wO2c8YS5sZW5ndGg7ZysrKWYucHVzaChnYihhW2ddLGIsYyxkKzEsZSkpO3JldHVybiBmLmpvaW4oY1tkXSl9fWVsc2UgaWYoXCJvYmplY3RcIj09dHlwZW9mIGEpcmV0dXJuIGU9ZXx8MCwyPmU%2FZW5jb2RlVVJJQ29tcG9uZW50KGZiKGEsYixjLGQsZSsxKSk6XCIuLi5cIjtyZXR1cm4gZW5jb2RlVVJJQ29tcG9uZW50KFN0cmluZyhhKSl9ZnVuY3Rpb24gaGIoYSl7bGV0IGI9MTtmb3IoY29uc3QgYyBpbi&i=2-6&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=a415c6f06bcfe90a1dc0ddb191cee85&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
jPik1-cv5Yl9DoVWu71gXTCjiTV8i-UR-xVgxqThcK70UeTX3K-Y3A==
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=1&d=BhLmgpYj1jLmxlbmd0aD5iP2MubGVuZ3RoOmI7cmV0dXJuIDM5OTctYi1hLmkubGVuZ3RoLTF9IGZ1bmN0aW9uIGliKGEsYil7bGV0IGM9XCJodHRwczovL3BhZ2VhZDIuZ29vZ2xlc3luZGljYXRpb24uY29tXCIrYixkPWhiKGEpLWIubGVuZ3RoO2lmKDA%2BZClyZXR1cm5cIlwiO2EuZy5zb3J0KGZ1bmN0aW9uKGYsZyl7cmV0dXJuIGYtZ30pO2I9bnVsbDtsZXQgZT1cIlwiO2ZvcihsZXQgZj0wO2Y8YS5nLmxlbmd0aDtmKyspe2NvbnN0IGc9YS5nW2ZdLGg9YS5oW2ddO2ZvcihsZXQgaz0wO2s8aC5sZW5ndGg7aysrKXtpZighZCl7Yj1udWxsPT1iP2c6YjticmVha31sZXQgbD1mYihoW2tdLGEuaSxcIiwkXCIpO2lmKGwpe2w9ZStsO2lmKGQ%2BPWwubGVuZ3RoKXtkLT1sLmxlbmd0aDtjKz1sO2U9YS5pO2JyZWFrfWI9bnVsbD09Yj9nOmJ9fX1hPVwiXCI7bnVsbCE9YiYmKGE9ZStcInRybj1cIitiKTtyZXR1cm4gYythfWNsYXNzIGpie2NvbnN0cnVjdG9yKCl7dGhpcy5pPVwiJlwiO3RoaXMuaD17fTt0aGlzLmw9MDt0aGlzLmc9W119fTtmdW5jdGlvbiBrYihhKXtsZXQgYj1hLnRvU3RyaW5nKCk7YS5uYW1lJiYtMT09Yi5pbmRleE9mKGEubmFtZSkmJihiKz1cIjogXCIrYS5uYW1lKTthLm1lc3NhZ2UmJi0xPT1iLmluZGV4T2YoYS5tZXNzYWdlKSYmKGIrPVwiOiBcIithLm1lc3NhZ2UpO2lmKGEuc3RhY2spe2E9YS5zdGFjazt2YXIgYz1iO3RyeXstMT09YS5pbmRleE9mKGMpJiYoYT1jK1wiXFxuXCIrYSk7bGV0IGQ7Zm9yKDthIT1kOylkPWEsYT1hLnJlcGxhY2UoUmVnRXhwKFwiKChodHRwcz86Ly4uKi8pW14vOl0qOlxcXFxkKyg%2FOi58XFxuKSopXFxcXDJcIiksXCIkMVwiKTtiPWEucmVwbGFjZShSZWdFeHAoXCJcXG4gKlwiLFwiZ1wiKSxcIlxcblwiKX1jYXRjaChkKXtiPWN9fXJldHVybiBifSBmdW5jdGlvbiBsYihhLGIsYyxkKXtsZXQgZSxmO3RyeXthLmcmJmEuZy5nPyhmPWEuZy5zdGFydChiLnRvU3RyaW5nKCksMyksZT1jKCksYS5nLmVuZChmKSk6ZT1jKCl9Y2F0Y2goZyl7Yz0hMDt0cnl7ZGIoZiksYz1hLnUoYixuZXcgV2EoZyx7bWVzc2FnZTprYihnKX0pLHZvaWQgMCxkKX1jYXRjaChoKXthLmwoMjE3LGgpfWlmKGMpd2luZG93LmNvbnNvbGU%2FLmVycm9yPy4oZyk7ZWxzZSB0aHJvdyBnO31yZXR1cm4gZX1mdW5jdGlvbiBtYihhLGIsYyxkKXt2YXIgZT1YO3JldHVybiguLi5mKT0%2BbGIoZSxhLCgpPT5iLmFwcGx5KGMsZiksZCl9IHZhciBvYj1jbGFzc3tjb25zdHJ1Y3RvcihhPW51bGwpe3RoaXMucz1ZO3RoaXMuZz1hO3RoaXMuaD1udWxsO3RoaXMuaT0hMTt0aGlzLnU9dGhpcy5sfWwoYSxiLGMsZCxlKXtlPWV8fFwianNlcnJvclwiO2xldCBmO3RyeXtjb25zdCB3PW5ldyBqYjt3LmcucHVzaCgxKTt3LmhbMV09VyhcImNvbnRleHRcIixhKTtiLmVycm9yJiZiLm1ldGEmJmIuaWR8fChiPW5ldyBXYShiLHttZXNzYWdlOmtiKGIpfSkpO2lmKGIubXNnKXt2YXIgZz1iLm1zZy5zdWJzdHJpbmcoMCw1MTIpO3cuZy5wdXNoKDIpO3cuaFsyXT1XKFwibXNnXCIsZyl9Y29uc3QgVT1iLm1ldGF8fHt9O2lmKHRoaXMuaCl0cnl7dGhpcy5oKFUpfWNhdGNoKEEpe31pZihkKXRyeXtkKFUpfWNhdGNoKEEpe31iPVtVXTt3LmcucHVzaCgzKTt3LmhbM109YjtkPXQ7Yj1bXTtsZXQgbGE7Zz1udWxsO2Rve3ZhciBoPWQ7dHJ5e3ZhciBrO2lmKGs9ISFoJiZudWxsIT1oLmxvY2F0aW9uLmhyZWYpYjp7dHJ5e0koaC5mb28pO2s9ITA7YnJlYWsgYn1jYXRjaChBKXt9az0gITF9dmFyIGw9a31jYXRjaHtsPSExfWw%2FKGxhPWgubG9jYXRpb24uaHJlZixnPWguZG9jdW1lbnQmJmguZG9jdW1lbnQucmVmZXJyZXJ8fG51bGwpOihsYT1nLGc9bnVsbCk7Yi5wdXNoKG5ldyBaYShsYXx8XCJcIikpO3RyeXtkPWgucGFyZW50fWNhdGNoKEEpe2Q9bnVsbH19d2hpbGUoZCYmaCE9ZCk7Zm9yKGxldCBBPTAsUWE9Yi5sZW5ndGgtMTtBPD1RYTsrK0EpYltBXS5kZXB0aD1RYS1BO2g9dDtpZihoLmxvY2F0aW9uJiZoLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2lucyYmaC5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoPT1iLmxlbmd0aC0xKWZvcihsPTE7bDxiLmxlbmd0aDsrK2wpe3ZhciBtPWJbbF07bS51cmx8fChtLnVybD1oLmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2luc1tsLTFdfHxcIlwiLG0ubz0hMCl9dmFyIG49YjtsZXQgbWE9bmV3IFphKHQubG9jYXRpb24uaHJlZiwhMSk7aD1udWxsO2NvbnN0IG5hPW4ubGVuZ3RoLTE7Zm9yKG09bmE7MDw9bTstLW0pe3ZhciBwPSBuW21dOyFoJiZYYS50ZXN0KHAudXJsKSYmKGg9cCk7aWYocC51cmwmJiFwLm8pe21hPXA7YnJlYWt9fXA9bnVsbDtjb25zdCBzYj1uLmxlbmd0aCYmbltuYV0udXJsOzAhPW1hLmRlcHRoJiZzYiYmKHA9bltuYV0pO2Y9bmV3IFlhKG1hLHApO2lmKGYuaCl7dmFyIHI9Zi5oLnVybHx8XCJcIjt3LmcucHVzaCg0KTt3LmhbNF09VyhcInRvcFwiLHIpfXZhciB1PXt1cmw6Zi5nLnVybHx8XCJcIn07aWYoZi5nLnVybCl7dmFyIHE9Zi5nLnVybC5tYXRjaChEYSksQz1xWzFdLEQ9cVszXSxSYT1xWzRdO249XCJcIjtDJiYobis9QytcIjpcIik7RCYmKG4rPVwiLy9cIixuKz1ELFJhJiYobis9XCI6XCIrUmEpKTt2YXIgU2E9bn1lbHNlIFNhPVwiXCI7dT1bdSx7dXJsOlNhfV07dy5nLnB1c2goNSk7dy5oWzVdPXU7bmIodGhpcy5zLGUsdyx0aGlzLmksYyl9Y2F0Y2godyl7dHJ5e25iKHRoaXMucyxlLHtjb250ZXh0OlwiZWNtc2VyclwiLHJjdHg6YSxtc2c6a2IodyksdXJsOmYmJmYuZy51cmx9LHRoaXMuaSxjKX1jYXRjaChVKXt9fXJldHVybiEwfX07Y2xhc3MgcGJ7fTtmdW5jdGlvbiBuYihhLGIsYyxkPSExLGUsZil7aWYoKGQ%2FYS5nOk1hdGgucmFuZG9tKCkpPChlfHwuMDEpKXRyeXtsZXQgZztjIGluc3RhbmNlb2YgamI%2FZz1jOihnPW5ldyBqYixLYShjLChrLGwpPT57dmFyIG09Zztjb25zdCBuPW0ubCsrO2s9VyhsLGspO20uZy5wdXNoKG4pO20uaFtuXT1rfSkpO2NvbnN0IGg9aWIoZyxcIi9wYWdlYWQvZ2VuXzIwND9pZD1cIitiK1wiJlwiKTtoJiYoXCJ1bmRlZmluZWRcIiE9PXR5cGVvZiBmP01hKGgsZik6TWEoaCkpfWNhdGNoKGcpe319ZnVuY3Rpb24gcWIoKXt2YXIgYT1ZLGI9d2luZG93Lmdvb2dsZV9zcnQ7MDw9YiYmMT49YiYmKGEuZz1iKX1jbGFzcyByYntjb25zdHJ1Y3Rvcigpe3RoaXMuZz1NYXRoLnJhbmRvbSgpfX07bGV0IFksWDtjb25zdCBaPW5ldyBlYjt2YXIgdGI9KCk9Pnt3aW5kb3cuZ29vZ2xlX21lYXN1cmVfanNfdGltaW5nfHwoWi5nPSExLFouaCE9Wi5pLmdvb2dsZV9qc19yZXBvcnRpbmdfcXVldWUmJihWKCkmJkFycmF5LnByb3RvdHlwZS5mb3JFYWNoLmNhbGwoWi5oLGRiLHZvaWQgMCksWi5oLmxlbmd0aD0wKSl9OyhhPT57WT1hPz9uZXcgcmI7XCJudW1iZXJcIiE9PXR5cGVvZiB3aW5kb3cuZ29vZ2xlX3NydCYmKHdpbmRvdy5nb29nbGVfc3J0PU1hdGgucmFuZG9tKCkpO3FiKCk7WD1uZXcgb2IoWik7WC5oPWI9Pnt2YXIgYz1PYTswIT09YyYmKGIuamM9U3RyaW5nKGMpLGM9KGM9UGEoYyxkb2N1bWVudC5jdXJyZW50U2NyaXB0KSkmJmMuZ2V0QXR0cmlidXRlKFwiZGF0YS1qYy12ZXJzaW9uXCIpfHxcInVua25vd25cIixiLnNodj1jKX07WC5pPSEwO1wiY29tcGxldGVcIj09d2luZG93LmRvY3VtZW50LnJlYWR5U3RhdGU%2FdGIoKTpaLmcmJkNhKHdpbmRvdyxcImxvYWRcIiwoKT0%2Be3RiKCl9KX0pKCk7IHZhciB1Yj0oYSxiLGMsZCk9Pm1iKGEsYixjLGQpLHZiPShhLGIsYyxkKT0%2Be3ZhciBlPXBiO3ZhciBmPVwibVwiO2UubSYmZS5oYXNPd25Qcm9wZXJ0eShmKXx8KGY9bmV3IGUsZS5tPWYpO2U9W107IWIuZWlkJiZlLmxlbmd0aCYmKGIuZWlkPWUudG9TdHJpbmcoKSk7bmIoWSxhLGIsITAsYyxkKX07ZnVuY3Rpb24gd2IoKXtjb25zdCBhPXdpbmRvdztpZihhLmdtYVNka3x8YS53ZWJraXQ%2FLm1lc3NhZ2VIYW5kbGVycz8uZ2V0R21hVmlld1NpZ25hbHMpcmV0dXJuIGE7dHJ5e2NvbnN0IGI9d2luZG93LnBhcmVudDtpZihiLmdtYVNka3x8Yi53ZWJraXQ%2FLm1lc3NhZ2VIYW5kbGVycz8uZ2V0R21hVmlld1NpZ25hbHMpcmV0dXJuIGJ9Y2F0Y2goYil7fXJldHVybiBudWxsfSBmdW5jdGlvbiB4YihhLGI9e30sYz0oKT0%2Be30sZD0oKT0%2Be30sZT0yMDAsZixnKXtjb25zdCBoPVN0cmluZyhNYXRoLmZsb29yKDIxNDc0ODM2NDcqSmEoKSkpO2xldCBrPTA7Y29uc3QgbD1tPT57dHJ5e2NvbnN0IG49XCJvYmplY3RcIj09PXR5cGVvZiBtLmRhdGE%2FbS5kYXRhOkpTT04ucGFyc2UobS5kYXRhKTtoPT09bi5wYXdfaWQmJih3aW5kb3cuY2xlYXJUaW1lb3V0KGspLHdpbmRvdy5yZW1vdmVFdmVudExpc3RlbmVyKFwibWVzc2FnZVwiLGwpLG4uc2lnbmFsP2Mobi5zaWduYWwpOm4uZXJyb3ImJmQobi5lcnJvcikpfWNhdGNoKG4pe2coXCJwYXdfc2lnc1wiLHttc2c6XCJwb3N0bWVzc2FnZUVycm9yXCIsZXJyOm4gaW5zdGFuY2VvZiBFcnJvcj9uLm1lc3NhZ2U6XCJub25FcnJvclwiLGRhdGE6bnVsbD09bS5kYXRhP1wibnVsbFwiOjUwMDxtLmRhdGEubGVuZ3RoP20uZGF0YS5zdWJzdHJpbmcoMCw1MDApOm0uZGF0YX0pfX07d2luZG93LmFkZEV2ZW50TGlzdGVuZXIoXCJtZXNzYWdlXCIsbT0%2Be2YoOTAzLCAoKT0%2Be2wobSl9KSgpfSk7YS5wb3N0TWVzc2FnZSh7cGF3X2lkOmgsLi4uYn0pO2s9d2luZG93LnNldFRpbWVvdXQoKCk9Pnt3aW5kb3cucmVtb3ZlRXZlbnRMaXN0ZW5lcihcIm1lc3NhZ2VcIixsKTtkKFwiUEFXIEdNQSBwb3N0bWVzc2FnZSB0aW1lZCBvdXQuXCIpfSxlKX07ZnVuY3Rpb24geWIoYT1kb2N1bWVudCl7cmV0dXJuISFhLmZlYXR1cmVQb2xpY3k%2FLmFsbG93ZWRGZWF0dXJlcygpLmluY2x1ZGVzKFwiYXR0cmlidXRpb24tcmVwb3J0aW5nXCIpfTt2YXIgemI9Y2xhc3MgZXh0ZW5kcyBPe307ZnVuY3Rpb24gQWIoYSxiKXtyZXR1cm4gTihhLDIsYil9ZnVuY3Rpb24gQmIoYSxiKXtyZXR1cm4gTihhLDMsYil9ZnVuY3Rpb24gQ2IoYSxiKXtyZXR1cm4gTihhLDQsYil9ZnVuY3Rpb24gRGIoYSxiKXtyZXR1cm4gTihhLDUsYil9ZnVuY3Rpb24gRWIoYSxiKXtyZXR1cm4gTihhLDksYil9ZnVuY3Rpb24gRmIoYSxiKXt2YXIgYz1iO2I9YS5qO2NvbnN0IGQ9YltLXTtpZihkJjIpdGhyb3cgRXJyb3IoKTtpZihudWxsIT1jKXt2YXIgZT0hIWMubGVuZ3RoO2Zvcih2YXIgZj0wO2Y8Yy5sZW5ndGg7ZisrKXt2YXIgZz1jW2ZdO2U9ZSYmISgoZy5qW0tdfDApJjIpfWY9Y1tLXXwwO2c9ZnwxO2U9KGU%2FZ3w4OmcmLTkpfDQ7ZSE9ZiYmKE9iamVjdC5pc0Zyb3plbihjKSYmKGM9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYykpLGNbS109ZSl9bnVsbD09YyYmKGM9dm9pZCAwKTt3YShiLGQsMTAsYyk7cmV0dXJuIGF9IGZ1bmN0aW9uIEdiKGEsYil7cmV0dXJuIHZhKGEsMTEsbnVsbD09Yj9iOm9hKGIpKX1mdW5jdGlvbiBIYihhLGIpe3JldHVybiBOKGEsMSxiKX1mdW5jdGlvbiBJYihhLGIpe3JldHVybiB2YShhLDcsbnVsbD09Yj9iOm9hKGIpKX12YXIgSmI9Y2xhc3MgZXh0ZW5kcyBPe307SmIuQT1bMTAsNl07Y29uc3QgS2I9XCJwbGF0Zm9ybSBwbGF0Zm9ybVZlcnNpb24gYXJjaGl0ZWN0dXJlIG1vZGVsIHVhRnVsbFZlcnNpb24gYml0bmVzcyBmdWxsVmVyc2lvbkxpc3Qgd293NjRcIi5zcGxpdChcIiBcIik7ZnVuY3Rpb24gTGIoKXt2YXIgYT13aW5kb3c7aWYoXCJmdW5jdGlvblwiIT09dHlwZW9mIGEubmF2aWdhdG9yPy51c2VyQWdlbnREYXRhPy5nZXRIaWdoRW50cm9weVZhbHVlcylyZXR1cm4gbnVsbDtjb25zdCBiPWEuZ29vZ2xlX3RhZ19kYXRhPz8oYS5nb29nbGVfdGFnX2RhdGE9e30pO2lmKGIudWFjaF9wcm9taXNlKXJldHVybiBiLnVhY2hfcHJvbWlzZTthPWEubmF2aWdhdG9yLnVzZXJBZ2VudERhdGEuZ2V0SGlnaEVudHJvcHlWYWx1ZXMoS2IpLnRoZW4oYz0%2Be2IudWFjaD8%2FKGIudWFjaD1jKTtyZXR1cm4gY30pO3JldHVybiBiLnVhY2hfcHJvbWlzZT1hfSBmdW5jdGlvbiBNYihhKXtyZXR1cm4gR2&i=3-6&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=a415c6f06bcfe90a1dc0ddb191cee85&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
m_5Dfn2u0EY0OOqA7myLvqPRVySLiLJExMgsT8StqwQEkycgVxDzXw==
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=1&d=IoRmIoRGIoQWIoSGIoQ2IoSWIoRWIoQmIobmV3IEpiLGEuYXJjaGl0ZWN0dXJlfHxcIlwiKSxhLmJpdG5lc3N8fFwiXCIpLGEubW9iaWxlfHwhMSksYS5tb2RlbHx8XCJcIiksYS5wbGF0Zm9ybXx8XCJcIiksYS5wbGF0Zm9ybVZlcnNpb258fFwiXCIpLGEudWFGdWxsVmVyc2lvbnx8XCJcIiksYS5mdWxsVmVyc2lvbkxpc3Q%2FLm1hcChiPT57dmFyIGM9bmV3IHpiO2M9TihjLDEsYi5icmFuZCk7cmV0dXJuIE4oYywyLGIudmVyc2lvbil9KXx8W10pLGEud293NjR8fCExKX1mdW5jdGlvbiBOYigpe3JldHVybiBMYigpPy50aGVuKGE9Pk1iKGEpKT8%2FbnVsbH07Y2xhc3MgT2J7Y29uc3RydWN0b3IoKXt0aGlzLnByb21pc2U9bmV3IFByb21pc2UoYT0%2Be3RoaXMuZz1hfSl9fTt3aW5kb3cudmlld1JlcT1bXTtmdW5jdGlvbiBQYihhLGIpe2I%2FKGI9TGEoKSxiLnNyYz1hLnJlcGxhY2UoXCImYW1wO1wiLFwiJlwiKSxiLmF0dHJpYnV0aW9uU3JjPVwiXCIsd2luZG93LnZpZXdSZXEucHVzaChiKSk6KGI9bmV3IEltYWdlLGIuc3JjPWEucmVwbGFjZShcIiZhbXA7XCIsXCImXCIpLHdpbmRvdy52aWV3UmVxLnB1c2goYikpfSBmdW5jdGlvbiBRYihhLGIpe2NvbnN0IGM9e2tlZXBhbGl2ZTohMCxjcmVkZW50aWFsczpcImluY2x1ZGVcIixyZWRpcmVjdDpcImZvbGxvd1wiLG1ldGhvZDpcImdldFwiLG1vZGU6XCJuby1jb3JzXCJ9O2ImJihjLm1vZGU9XCJjb3JzXCIsXCJzZXRBdHRyaWJ1dGlvblJlcG9ydGluZ1wiaW4gWE1MSHR0cFJlcXVlc3QucHJvdG90eXBlP2MuYXR0cmlidXRpb25SZXBvcnRpbmc9e2V2ZW50U291cmNlRWxpZ2libGU6XCJ0cnVlXCIsdHJpZ2dlckVsaWdpYmxlOlwiZmFsc2VcIn06Yy5oZWFkZXJzPXtcIkF0dHJpYnV0aW9uLVJlcG9ydGluZy1FbGlnaWJsZVwiOlwiZXZlbnQtc291cmNlXCJ9KTtmZXRjaChhLGMpLmNhdGNoKCgpPT57UGIoYSxiKX0pfWZ1bmN0aW9uIFJiKGEsYil7d2luZG93LmZldGNoP1FiKGEsYik6UGIoYSxiKX1PYT00Mjsgd2luZG93LnZ1PWE9Pnt2YXIgYj1SKHphKXx8UihCYSk7Y29uc3QgYz13YigpO2lmKGImJmM%2FLmdtYVNkaz8uZ2V0Vmlld1NpZ25hbHMpe3ZhciBkPWMuZ21hU2RrLmdldFZpZXdTaWduYWxzKCk7ZCYmIVIoQmEpJiYoYT1RKGEsXCImbXM9XCIrZCkpfVIoeWEpJiZcIl9fZ29vZ2xlX2xpZGFyX3JhZGZfXCJpbiB3aW5kb3cmJihhPVEoYSxcIiZhdnJhZGY9MVwiKSk7Y29uc3QgZT1bXTtkPSgpPT57Y29uc3QgZz1uZXcgT2I7ZS5wdXNoKGcucHJvbWlzZSk7cmV0dXJuIGcuZ307aWYoUihBYSkpe2NvbnN0IGc9TmIoKTtpZihudWxsIT1nKXtjb25zdCBoPWQoKTtnLnRoZW4oaz0%2Be2E6e2phPSEwO3RyeXt2YXIgbD1KU09OLnN0cmluZ2lmeShrLnRvSlNPTigpLHFhKTticmVhayBhfWZpbmFsbHl7amE9ITF9bD12b2lkIDB9az1bXTtmb3IodmFyIG09MCxuPTA7bjxsLmxlbmd0aDtuKyspe3ZhciBwPWwuY2hhckNvZGVBdChuKTsyNTU8cCYmKGtbbSsrXT1wJjI1NSxwPj49OCk7a1ttKytdPXB9bD0zOyB2b2lkIDA9PT1sJiYobD0wKTtpZighSilmb3IoSj17fSxtPVwiQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVphYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ejAxMjM0NTY3ODlcIi5zcGxpdChcIlwiKSxuPVtcIisvPVwiLFwiKy9cIixcIi1fPVwiLFwiLV8uXCIsXCItX1wiXSxwPTA7NT5wO3ArKyl7dmFyIHI9bS5jb25jYXQobltwXS5zcGxpdChcIlwiKSk7ZGFbcF09cjtmb3IodmFyIHU9MDt1PHIubGVuZ3RoO3UrKyl7dmFyIHE9clt1XTt2b2lkIDA9PT1KW3FdJiYoSltxXT11KX19bD1kYVtsXTttPUFycmF5KE1hdGguZmxvb3Ioay5sZW5ndGgvMykpO249bFs2NF18fFwiXCI7Zm9yKHA9cj0wO3I8ay5sZW5ndGgtMjtyKz0zKXt2YXIgQz1rW3JdLEQ9a1tyKzFdO3E9a1tyKzJdO3U9bFtDPj4yXTtDPWxbKEMmMyk8PDR8RD4%2BNF07RD1sWyhEJjE1KTw8MnxxPj42XTtxPWxbcSY2M107bVtwKytdPXUrQytEK3F9dT0wO3E9bjtzd2l0Y2goay5sZW5ndGgtcil7Y2FzZSAyOnU9a1tyKzFdLHE9bFsodSYxNSk8PDJdfHwgbjtjYXNlIDE6az1rW3JdLG1bcF09bFtrPj4yXStsWyhrJjMpPDw0fHU%2BPjRdK3Erbn1rPW0uam9pbihcIlwiKTswPGsubGVuZ3RoJiYoYT1RKGEsXCImdWFjaD1cIitrKSk7aCgpfSl9fWlmKGImJmM%2FLndlYmtpdD8ubWVzc2FnZUhhbmRsZXJzPy5nZXRHbWFWaWV3U2lnbmFscyl7Y29uc3QgZz1kKCk7eGIoYy53ZWJraXQubWVzc2FnZUhhbmRsZXJzLmdldEdtYVZpZXdTaWduYWxzLHt9LGg9PntSKEJhKXx8KGE9UShhLFwiJlwiK2gpKTtnKCl9LCgpPT57ZygpfSwyMDAsdWIsdmIpfWNvbnN0IGY9R2EoYSk9PT0oMikudG9TdHJpbmcoKTtmJiYoYj15Yih3aW5kb3cuZG9jdW1lbnQpPzY6NSxhPUlhKGEsYikpOzA8ZS5sZW5ndGg%2FUHJvbWlzZS5hbGwoZSkudGhlbigoKT0%2Be1JiKGEsZil9KTpSYihhLGYpfTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjxzY3JpcHQ%2BdnUoXCJodHRwczovL3NlY3VyZXB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldC9wY3Mvdmlldz94YWlcXHgzZEFLQU9qc3NXNVo0bUVENVdrTjB0NWt3ZjdQNDhWQng3b21XbTlpMXJranZmTEstVU5UdmZWRFd4ZEx4MmlHMFlrdnhrU19oUHktUlFjdGU0eExyZ3pnaXk1NDFOOXZnaVRSejNmQVF1SzNFTTdJQWdvM3FpMFhFQnBkQjQyaDFpZHRQQWJrdkhUejRTQlc5ejBOZE9mTXFkdEtyMUY5Y2k3NlUyN2FrNG9mMkx0a1l2UzZHUm1ycHRROE9kVEZsenZDYU5JMV9idmZVcXl3RUJyUlpqTEM1WWRFTVFma0lVOXJXQUtCQUppT01GT3NGbGxEaEtPbVNQUjE5V3czbDJ3ZFlVS3RmdjRTWlRHY1g5TXE2Q2VMWU9OcjhEems4aXdOdGtpNGZIX3B5U1ZQSkxqbVBoV0dVTHJhODZmZTdwcG5KY1FrVjkzYkFMd3I4UkRvU09sLV8tbVVqa2lMd2JpbEhJRnZ2MTh3XFx4MjZzYWlcXHgzZEFNZmwtWVE3OTJwOWpXZjlzN0lYOU40dXlrMVVIXzRobEkxWldiRVYtMFRGMHlHZ19QeUtZb1M4VWVSSW5WOWEyT1ItbmM3TldrcVQyUTRSMjRXSmJCSlpGSkxIdVZSZGxkam9Qc3lBRFZxRkR1VXRPNGk4NGRnSC10Z21BalFzckdZXFx4MjZzaWdcXHgzZENnMEFyS0pTekxSTFJwT3JiTjlNRUFFXFx4MjZ1YWNoX21cXHgzZFtVQUNIXVxceDI2dXJsZml4XFx4M2QxXFx4MjZhZHVybFxceDNkXCIpPC9zY3JpcHQ%2BPGRpdiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdJbm5lckNvbnRhaW5lclwiIHN0eWxlPVwibGVmdDowcHg7dG9wOjBweDt3aWR0aDoxMDAlO2hlaWdodDoxMDAlO3Bvc2l0aW9uOmZpeGVkO3BvaW50ZXItZXZlbnRzOm5vbmU7ei1pbmRleDotOTk5OTtcIj48L2Rpdj48ZGl2IHN0eWxlPVwiZGlzcGxheTppbmxpbmVcIiBjbGFzcz1cIkdvb2dsZUFjdGl2ZVZpZXdFbGVtZW50XCIgZGF0YS1nb29nbGUtYXYtY3huPVwiaHR0cHM6Ly9wYWdlYWQyLmdvb2dsZXN5bmRpY2F0aW9uLmNvbS9wY3MvYWN0aXZldmlldz94YWk9QUtBT2pzdFNoVWNJeUtySXN6X0p4dlF2M1hEdmsxWTU1MnNJU01ONDlqanZ0LVBncms5bUxnbHNPT1dVN1ZrY3BGeWlydUpNQmo0UVU3U1VxcnZXcUVxem15TktoRkJubElSei1ScDdfd2RfV2N2QTdZai0yNHFjaTV6cFRNek92Ymw0JmFtcDtzaWc9Q2cwQXJLSlN6S0x4cFBka2Y0M1FFQUVcIiBkYXRhLWdvb2dsZS1hdi1hZGs9XCI1MzE0MjgwNjNcIiBkYXRhLWdvb2dsZS1hdi1tZXRhZGF0YT1cImxhPTAmYW1wO3hkaT0wJmFtcDtcIiBkYXRhLWdvb2dsZS1hdi11ZnMtaW50ZWdyYXRvci1tZXRhZGF0YT1cIkV1QUJDdGtCYUhSMGNITTZMeTl3WVdkbFlXUXlMbWR2YjJkc1pYTjVibVJwWTJGMGFXOXVMbU52YlM5d1kzTXZZV04wYVhabGRtbGxkejk0WVdrOVFVdEJUMnB6ZEZOb1ZXTkplVXR5U1hONlgwcDRkbEYyTTFoRWRtc3hXVFUxTW5OSlUwMU9ORGxxYW5aMExWQm5jbXM1YlV4bmJITlBUMWRWTjFaclkzQkdlV2x5ZFVwTlFtbzBVVlUzVTFWeGNuWlhjVVZ4ZW0xNVRrdG9Sa0p1YkVsU2VpMVNjRGRmZDJSZlYyTjJRVGRaYWkweU5IRmphVFY2Y0ZSTmVrOTJZbXcwSm5OcFp6MURaekJCY2t0S1UzcExUSGh3VUdSclpqUXpVVVZCUlJJQUdnQVwiIGRhdGEtZ29vZ2xlLWF2LW92ZXJyaWRlPVwiLTFcIiBkYXRhLWdvb2dsZS1hdi1kbT1cIjJcIiBkYXRhLWdvb2dsZS1hdi1haWQ9XCIwXCIgZGF0YS1nb29nbGUtYXYtbmFpZD1cIjFcIiBkYXRhLWdvb2dsZS1hdi1zbGlmdD1cIlwiIGRhdGEtZ29vZ2xlLWF2LWNwbWF2PVwiXCIgZGF0YS1nb29nbGUtYXYtYnRyPVwiaHR0cHM6Ly9zZWN1cmVwdWJhZHMuZy5kb3VibGVjbGljay5uZXQvcGNzL3ZpZXc%2FeGFpPUFLQU9qc3R2SmZWSlc2V2ZVN2tUNVE3aEs0OU5sUlJZSHlXMWZ0QW4weG5kZ28zVEthMmpSVzFYTjI2UFFTay1WYThtZnlPZDctQ2pPb2Vib0hzbURmMXp0Yzdpa1ctc2Z2eEFDMjZVaE5FckFCN1VoaTY5U2N2YlIwNktlbmRRcnU1VXpZaXZaaExnVFBnVHBpa1RaWXdLQmhSTUVaR09SSlBaclFxUEhHRXhpRmJaU1NUU19kcE5OWWhmQkVNSXJuNmJzaS1kN19KWlVUZjFkSFRkU0FqdHFUY280MkV5bzZlMUNKRk1CdExQM2NBUGZpNElpRllvYk1MSnNWMF9PV2NpcUUwaXNqamZiUW1aVDdsZEZkeFlfc2gtcF8xUlFtdWpoTWVNcEtMTXZXV1ZRSlh6Ni1OTFowTWp3R0V1ZUxVLUpNWXktdmd3b0JUN0xtSHFfRUVNR2prS0tINWYwTFZDWkxiMXBGTUgmYW1wO3NhaT1BTWZsLVlSS3BfU3loTURXWENjWnVCLVhER21hdURmVTIwZENpc0JVQVc0bTBXcGJncHlkd1pkZG55U2tJNWh6VG5lS1Nlb0l2T1lQTXY0WlVxejR6ZWt1SnVQMk1XT28yYTZvLUIzZ0Y2ZEpsaWxUYWM4TjYzMFB5dmp6b2JuMy1scyZhbXA7c2lnPUNnMEFyS0pTekhDSU1nWTlud1A2RUFFJmFtcDt1YWNoX209W1VBQ0hdJmFtcDt1cmxmaXg9MSZhbXA7YWR1cmw9XCIgZGF0YS1nb29nbGUtYXYtaXRwbD1cIjE5XCIgZGF0YS1nb29nbGUtYXYtcnM9XCI0XCIgZGF0YS1nb29nbGUtYXYtZmxhZ3M9XCJbJnF1b3Q7eCUyNzg0NDAnOWVmb3RtKCZhbXA7NzUzMzc0JTJiZWp2Zi8lMjc4NDQ%2BJzl3dXZiJCZhbXA7NTY1MzM%2BIT18dnFjKSEyNzM3OTQmYW1wOzxxcXZiLyU8MTczNTAyMCE9bmVodWAvITM2ND01MDUxITlhYmt7YSgkMTYwMjEwOjMmYW1wOzxjYm90ZisqMDE1MDAzNDolMmJlanZmLyU3MjsxNzYxMyE9ZWZkd2EqJzc2NDYzOzIxJD9lYmtwYiQmYW1wOzAzNjY3MTc%2BKj5iZ2lwZishMz03MTIzNjMlOWFpaHdjKSE3MjAyPDIxNyc5ZWZvdG0oJmFtcDsyMDA2MTs0OCZhbXA7PmBkb3BiLyU8MTcwNzIwMCE9OCgmYW1wOzIwMDU1NzU%2FJmFtcDs%2BYGRvcGIvJTwxNzA2NDI%2FIT18dnFjKSE3MjAxOz01MCc5d3V2YiQmYW1wOzAzNjQxNjU0Kj5iZ2lwZishMz03MzExMDMlOWFpaHdjKSE3MjAwPzA3Myc5ZWZvdG0oJmFtcDsyMDA0PzUxOyZhbXA7PmBkb3BiLyU8MTc%2BNDc0PiE9bmVodWAvITM2NDA2NDEyITlhYmt7YSgkMTY3NzQ1Oz0mYW1wOzxjYm90ZisqMDEyNTQxMzMlMmJlanZmLyU3Mjw0MzQxMiE9ZWZkd2EqJzc2MzI2PjcxJD8zLyU3Mjw2MDUzMCE9ZWZkd2F7JnF1b3Q7XVwiIGRhdGEtY3JlYXRpdmUtbG9hZC1saXN0ZW5lcj1cIlwiPlxuICAgIDxpbnMgaWQ9XCJmcmllbmRseV82MDY1MzkyNlwiPjwvaW5zPlxuICAgIDxzY3JpcHQ%2BXG4gICAgdmFyIG9yaWdpbiA9XG4gICAgd2luZG93ICE9IHdpbmRvdy50b3AgJiYgd2luZG93LmxvY2F0aW9uLmFuY2VzdG9yT3JpZ2luc1xuICAgICAgPyB3aW5kb3cubG9jYXRpb24uYW5jZXN0b3JPcmlnaW5zW1xuICAgICAgICAgIHdpbmRvdy5sb2NhdGlvbi5hbmNlc3Rvck9yaWdpbnMubGVuZ3RoIC0gMVxuICAgICAgICBdXG4gICAgICA6IFN0cmluZyhkb2N1bWVudC5sb2NhdGlvbik7XG4gICAgdmFyIHJlZmVycmVyID0gU3RyaW5nKGRvY3VtZW50LmxvY2F0aW9uKTtcbiAgICB2YXIgdXJsID0gXCJodHRwczovL2Fkcy5iaWRzdHJlYW1zZXJ2ZXIuY29tL3NlcnZsZXQvdmlldy9iYW5uZXIvamF2YXNjcmlwdC96b25lP3ppZD00NjImZnJpZW5kbHk9ZnJpZW5kbHlfNjA2NTM5MjYmcGlkPTEmcmVmcmVzaD02MCZyZWZyZXNoX2xpbW&i=4-6&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=a415c6f06bcfe90a1dc0ddb191cee85&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
-p8x94Yssnw6J4rqyCUl8MkOclZ6RNHeuHglJFOSSNCR5626PEcXTg==
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
418 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=1&d=l0PTEmcm1waWQ9dHJ1ZSZyYW5kb209NjA2NTM5MjYmZW5jb2RlPTFcIlxuICAgIHVybCArPSBcIiZvcmlnaW49XCIgKyBlbmNvZGVVUklDb21wb25lbnQob3JpZ2luKVxuICAgIGlmIChyZWZlcnJlcikgdXJsICs9IFwiJnJlZmVycmVyPVwiICsgcmVmZXJyZXI7XG4gICAgdmFyIHMgPSBkb2N1bWVudC5jcmVhdGVFbGVtZW50KFwic2NyaXB0XCIpXG4gICAgcy5zcmM9IHVybFxuICAgIGRvY3VtZW50LmhlYWQuYXBwZW5kQ2hpbGQocylcbiAgICA8L3NjcmlwdD5cbiAgICA8L2Rpdj48c2NyaXB0IGlkPVwiZ29vZ2xlQWN0aXZlVmlld0Rpc3BsYXlTY3JpcHRcIiBzcmM9XCJodHRwczovL3d3dy5nb29nbGV0YWdzZXJ2aWNlcy5jb20vYWN0aXZldmlldy9qcy9jdXJyZW50L3J4X2xpZGFyLmpzP2NhY2hlPXIyMDExMDkxNFwiPjwvc2NyaXB0PjxzY3JpcHQgdHlwZT1cInRleHQvamF2YXNjcmlwdFwiPm9zZGxmbSgpOzwvc2NyaXB0PjxkaXYgc3R5bGU9XCJib3R0b206MDtyaWdodDowO3dpZHRoOjcyOHB4O2hlaWdodDo5MHB4O2JhY2tncm91bmQ6aW5pdGlhbCAhaW1wb3J0YW50O3Bvc2l0aW9uOmFic29sdXRlICFpbXBvcnRhbnQ7bWF4LXdpZHRoOjEwMCUgIWltcG9ydGFudDttYXgtaGVpZ2h0OjEwMCUgIWltcG9ydGFudDtwb2ludGVyLWV2ZW50czpub25lICFpbXBvcnRhbnQ7aW1hZ2UtcmVuZGVyaW5nOnBpeGVsYXRlZCAhaW1wb3J0YW50O3otaW5kZXg6MjE0NzQ4MzY0NztiYWNrZ3JvdW5kLWltYWdlOnVybCgnZGF0YTppbWFnZS9wbmc7YmFzZTY0LGlWQk9SdzBLR2dvQUFBQU5TVWhFVWdBQUFDc0FBQUFXQkFNQUFBQ3JsM2lBQUFBQUJsQk1WRVVBQUFEK0FjaVdtWnpXQUFBQUFuUlNUbE1BQXBpZHJCUUFBQUI0U1VSQlZCalRiWkFCRHNBd0NBTDFCL3ovdGMwVUdGM1dwS21tRjBTcS9rL3YyU282ekM4S1FIUzkxTHpsVGh5bWVEdlQvYVd0amREbWJPbkxpWTVSK242azJuY2RVZFpQK09hdXBXcC9pTTFkMDRDblV6dDRPWUVXVGQ5a2kwNWcxMUFnaUJRNGhGRldJTXdsODc3MnpRUXYvbkxTMnZjQWRud0Y5U2s5TDdZQUFBQUFTVVZPUks1Q1lJST0nKSAhaW1wb3J0YW50O1wiPjwvZGl2PjxzY3JpcHQgZGF0YS1qYz1cIjEwM1wiIGRhdGEtamMtdmVyc2lvbj1cInIyMDIzMDgzMFwiIGRhdGEtamNwLWJhc2VfdXJsPVwiaHR0cHM6Ly9nb29nbGVhZHMuZy5kb3VibGVjbGljay5uZXQvcGFnZWFkL2NvbnZlcnNpb24vP2FpPSZhbXA7c2lnaD1CcG5meElhYXVRVVwiIGRhdGEtamNwLWNwdV9sYWJlbD1cImhlYXZ5X2FkX2ludGVydmVudGlvbl9jcHVcIiBkYXRhLWpjcC1uZXRfbGFiZWw9XCJoZWF2eV9hZF9pbnRlcnZlbnRpb25fbmV0d29ya1wiPihmdW5jdGlvbigpey8qICBDb3B5cmlnaHQgVGhlIENsb3N1cmUgTGlicmFyeSBBdXRob3JzLiBTUERYLUxpY2Vuc2UtSWRlbnRpZmllcjogQXBhY2hlLTIuMCAqLyAndXNlIHN0cmljdCc7dmFyIGw9dGhpc3x8c2VsZjt2YXIgbSxwO2E6e2Zvcih2YXIgdT1bXCJDTE9TVVJFX0ZMQUdTXCJdLHY9bCx3PTA7dzx1Lmxlbmd0aDt3KyspaWYodj12W3Vbd11dLG51bGw9PXYpe3A9bnVsbDticmVhayBhfXA9dn12YXIgeD1wJiZwWzYxMDQwMTMwMV07bT1udWxsIT14P3g6ITE7dmFyIHk7Y29uc3Qgej1sLm5hdmlnYXRvcjt5PXo%2Fei51c2VyQWdlbnREYXRhfHxudWxsOm51bGw7ZnVuY3Rpb24gQShhKXtyZXR1cm4gbT95P3kuYnJhbmRzLnNvbWUoKHticmFuZDpifSk9PmImJi0xIT1iLmluZGV4T2YoYSkpOiExOiExfWZ1bmN0aW9uIEIoYSl7dmFyIGI7YTp7aWYoYj1sLm5hdmlnYXRvcilpZihiPWIudXNlckFnZW50KWJyZWFrIGE7Yj1cIlwifXJldHVybi0xIT1iLmluZGV4T2YoYSl9O2Z1bmN0aW9uIEMoKXtyZXR1cm4gbT8hIXkmJjA8eS5icmFuZHMubGVuZ3RoOiExfWZ1bmN0aW9uIEQoKXtyZXR1cm4gQygpP0EoXCJDaHJvbWl1bVwiKTooQihcIkNocm9tZVwiKXx8QihcIkNyaU9TXCIpKSYmIShDKCk%2FMDpCKFwiRWRnZVwiKSl8fEIoXCJTaWxrXCIpfTshQihcIkFuZHJvaWRcIil8fEQoKTtEKCk7QihcIlNhZmFyaVwiKSYmKEQoKXx8KEMoKT8wOkIoXCJDb2FzdFwiKSl8fChDKCk%2FMDpCKFwiT3BlcmFcIikpfHwoQygpPzA6QihcIkVkZ2VcIikpfHwoQygpP0EoXCJNaWNyb3NvZnQgRWRnZVwiKTpCKFwiRWRnL1wiKSl8fEMoKSYmQShcIk9wZXJhXCIpKTtjb25zdCBFPVN5bWJvbCgpO2Z1bmN0aW9uIEYoYSl7Y29uc3QgYj1hW0VdfDA7MSE9PShiJjEpJiYoT2JqZWN0LmlzRnJvemVuKGEpJiYoYT1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChhKSksYVtFXT1ifDEpfWZ1bmN0aW9uIEcoKXt2YXIgYT1bXTthW0VdfD0xO3JldHVybiBhfWZ1bmN0aW9uIEgoYSl7YT1hPj4xMSYxMDIzO3JldHVybiAwPT09YT81MzY4NzA5MTI6YX07dmFyIEk9e307ZnVuY3Rpb24gSihhKXtyZXR1cm4gbnVsbCE9PWEmJlwib2JqZWN0XCI9PT10eXBlb2YgYSYmIUFycmF5LmlzQXJyYXkoYSkmJmEuY29uc3RydWN0b3I9PT1PYmplY3R9bGV0IEw7dmFyIE07Y29uc3QgTj1bXTtOW0VdPTM5O009T2JqZWN0LmZyZWV6ZShOKTtsZXQgTztmdW5jdGlvbiBhYShhLGIpe3JldHVybiBQKGIpfWZ1bmN0aW9uIFAoYSl7c3dpdGNoKHR5cGVvZiBhKXtjYXNlIFwibnVtYmVyXCI6cmV0dXJuIGlzRmluaXRlKGEpP2E6U3RyaW5nKGEpO2Nhc2UgXCJib29sZWFuXCI6cmV0dXJuIGE%2FMTowO2Nhc2UgXCJvYmplY3RcIjppZihhJiYhQXJyYXkuaXNBcnJheShhKSYmbnVsbCE9YSYmYSBpbnN0YW5jZW9mIFVpbnQ4QXJyYXkpe2xldCBiPVwiXCIsZD0wO2NvbnN0IGU9YS5sZW5ndGgtMTAyNDA7Zm9yKDtkPGU7KWIrPVN0cmluZy5mcm9tQ2hhckNvZGUuYXBwbHkobnVsbCxhLnN1YmFycmF5KGQsZCs9MTAyNDApKTtiKz1TdHJpbmcuZnJvbUNoYXJDb2RlLmFwcGx5KG51bGwsZD9hLnN1YmFycmF5KGQpOmEpO3JldHVybiBidG9hKGIpfX1yZXR1cm4gYX07ZnVuY3Rpb24gUShhLGIsZCxlLGMsayl7aWYobnVsbCE9YSl7aWYoQXJyYXkuaXNBcnJheShhKSlhPWMmJjA9PWEubGVuZ3RoJiYoYVtFXXwwKSYxP3ZvaWQgMDprJiYoYVtFXXwwKSYyP2E6UihhLGIsZCx2b2lkIDAhPT1lLGMsayk7ZWxzZSBpZihKKGEpKXtjb25zdCBmPXt9O2ZvcihsZXQgZyBpbiBhKWZbZ109UShhW2ddLGIsZCxlLGMsayk7YT1mfWVsc2UgYT1iKGEsZSk7cmV0dXJuIGF9fWZ1bmN0aW9uIFIoYSxiLGQsZSxjLGspe2NvbnN0IGY9ZXx8ZD9hW0VdfDA6MDtlPWU%2FISEoZiYzMik6dm9pZCAwO2E9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYSk7Zm9yKGxldCBnPTA7ZzxhLmxlbmd0aDtnKyspYVtnXT1RKGFbZ10sYixkLGUsYyxrKTtkJiZkKGYsYSk7cmV0dXJuIGF9ZnVuY3Rpb24gYmEoYSl7cmV0dXJuIGEubD09PUk%2FYS50b0pTT04oKTpQKGEpfTtmdW5jdGlvbiBTKGEsYixkKXtpZihudWxsIT1kJiZcInN0cmluZ1wiIT09dHlwZW9mIGQpdGhyb3cgRXJyb3IoKTthPWEuZztjb25zdCBlPWFbRV07aWYoZSYyKXRocm93IEVycm9yKCk7YTp7dmFyIGM9SChlKTtpZihiPj1jKXtsZXQgaz1lO2lmKGUmMjU2KWM9YVthLmxlbmd0aC0xXTtlbHNle2lmKG51bGw9PWQpYnJlYWsgYTtjPWFbYysoKyEhKGUmNTEyKS0xKV09e307a3w9MjU2fWNbYl09ZDtrIT09ZSYmKGFbRV09ayl9ZWxzZSBhW2IrKCshIShlJjUxMiktMSldPWQsZSYyNTYmJihkPWFbYS5sZW5ndGgtMV0sYiBpbiBkJiZkZWxldGUgZFtiXSl9fTt2YXIgVT1jbGFzc3tjb25zdHJ1Y3Rvcigpe2E6e3ZhciBhPXZvaWQgMDtudWxsPT1hJiYoYT1PKTtPPXZvaWQgMDtpZihudWxsPT1hKXt2YXIgYj05NjthPVtdfWVsc2V7aWYoIUFycmF5LmlzQXJyYXkoYSkpdGhyb3cgRXJyb3IoKTtiPWFbRV18MDtpZihiJjY0KWJyZWFrIGE7dmFyIGQ9YTtifD02NDt2YXIgZT1kLmxlbmd0aDtpZihlKXt2YXIgYz1lLTE7ZT1kW2NdO2lmKEooZSkpe2J8PTI1Njtjb25zdCBrPSshIShiJjUxMiktMTtjLT1rO2lmKDEwMjQ8PWMpe2M9MTAyMytrO2NvbnN0IGY9ZC5sZW5ndGg7Zm9yKGxldCBnPWM7ZzxmO2crKyl7Y29uc3QgaD1kW2ddO251bGwhPWgmJmghPT1lJiYoZVtnLWtdPWgpfWQubGVuZ3RoPWMrMTtkW2NdPWU7Yz0xMDIzfWI9YiYtMjA5NTEwNXwoYyYxMDIzKTw8MTF9fX1hW0VdPWJ9dGhpcy5nPWF9dG9KU09OKCl7aWYoTCl2YXIgYT1UKHRoaXMsdGhpcy5nLCExKTtlbHNlIGE9Uih0aGlzLmcsYmEsdm9pZCAwLHZvaWQgMCwhMSwhMSksYT0gVCh0aGlzLGEsITApO3JldHVybiBhfX07VS5wcm90b3R5cGUubD1JO1UucHJvdG90eXBlLnRvU3RyaW5nPWZ1bmN0aW9uKCl7cmV0dXJuIFQodGhpcyx0aGlzLmcsITEpLnRvU3RyaW5nKCl9OyBmdW5jdGlvbiBUKGEsYixkKXt2YXIgZT1hLmNvbnN0cnVjdG9yLm8sYz1IKChkP2EuZzpiKVtFXSksaz0hMTtpZihlKXtpZighZCl7Yj1BcnJheS5wcm90b3R5cGUuc2xpY2UuY2FsbChiKTt2YXIgZjtpZihiLmxlbmd0aCYmSihmPWJbYi5sZW5ndGgtMV0pKWZvcihrPTA7azxlLmxlbmd0aDtrKyspaWYoZVtrXT49Yyl7T2JqZWN0LmFzc2lnbihiW2IubGVuZ3RoLTFdPXt9LGYpO2JyZWFrfWs9ITB9Yz1iO2Q9IWQ7Zj1hLmdbRV07YT1IKGYpO2Y9KyEhKGYmNTEyKS0xO3ZhciBnO2ZvcihsZXQgcT0wO3E8ZS5sZW5ndGg7cSsrKXt2YXIgaD1lW3FdO2lmKGg8YSl7aCs9Zjt2YXIgbj1jW2hdO251bGw9PW4%2FY1toXT1kP006RygpOmQmJm4hPT1NJiZGKG4pfWVsc2V7aWYoIWcpe3ZhciB0PXZvaWQgMDtjLmxlbmd0aCYmSih0PWNbYy5sZW5ndGgtMV0pP2c9dDpjLnB1c2goZz17fSl9bj1nW2hdO251bGw9PWdbaF0%2FZ1toXT1kP006RygpOmQmJm4hPT1NJiZGKG4pfX19ZT1iLmxlbmd0aDsgaWYoIWUpcmV0dXJuIGI7bGV0IFgsWTtpZihKKGc9YltlLTFdKSl7YTp7dmFyIHI9Zzt0PXt9O2M9ITE7Zm9yKGxldCBxIGluIHIpZD1yW3FdLEFycmF5LmlzQXJyYXkoZCkmJmQhPWQmJihjPSEwKSxudWxsIT1kP3RbcV09ZDpjPSEwO2lmKGMpe2ZvcihsZXQgcSBpbiB0KXtyPXQ7YnJlYWsgYX1yPW51bGx9fXIhPWcmJihYPSEwKTtlLS19Zm9yKDswPGU7ZS0tKXtnPWJbZS0xXTtpZihudWxsIT1nKWJyZWFrO1k9ITB9aWYoIVgmJiFZKXJldHVybiBiO3ZhciBLO2s%2FSz1iOks9QXJyYXkucHJvdG90eXBlLnNsaWNlLmNhbGwoYiwwLGUpO2I9SztrJiYoYi5sZW5ndGg9ZSk7ciYmYi5wdXNoKHIpO3JldHVybiBifTt2YXIgY2E9Y2xhc3MgZXh0ZW5kcyBVe307ZnVuY3Rpb24gZGEoYT13aW5kb3cpe3JldHVybiBhfTt2YXIgZWE9LyN8JC87Y29uc3QgVj1mdW5jdGlvbihhLGI9bnVsbCl7cmV0dXJuIGImJmIuZ2V0QXR0cmlidXRlKFwiZGF0YS1qY1wiKT09PVN0cmluZyhhKT9iOmRvY3VtZW50LnF1ZXJ5U2VsZWN0b3IoYFske1wiZGF0YS1qY1wifT1cIiR7YX1cIl1gKX0oMTAzLGRvY3VtZW50LmN1cnJlbnRTY3JpcHQpO2lmKG51bGw9PVYpdGhyb3cgRXJyb3IoXCJKU0Mgbm90IGZvdW5kIDEwM1wiKTtjb25zdCBXPXt9LFo9Vi5hdHRyaWJ1dGVzO2ZvcihsZXQgYT1aLmxlbmd0aC0xOzA8PWE7YS0tKXtjb25zdCBiPVpbYV0ubmFtZTswPT09Yi5pbmRleE9mKFwiZGF0YS1qY3AtXCIpJiYoV1tiLnN1YnN0cmluZyg5KV09WlthXS52YWx1ZSl9IChmdW5jdGlvbihhLGIsZCl7dmFyIGU9d2luZG93O2EmJmImJmQmJmUuUmVwb3J0aW5nT2JzZXJ2ZXImJmUuZmV0Y2gmJihuZXcgZS5SZXBvcnRpbmdPYnNlcnZlcigoYyxrKT0%2Be2M9Y1swXTtpZihcIkhlYXZ5QWRJbnRlcnZlbnRpb25cIj09PWM%2FLmJvZHk%2FLmlkKXtjPTA8KGMuYm9keS5tZXNzYWdlPy5pbmRleE9mKFwibmV0d29ya1wiKXx8MCk%2FZDpiO3ZhciBmPWEuc2VhcmNoKGVhKTt2YXIgZztiOntmb3IoZz0wOzA8PShnPWEuaW5kZXhPZihcImFkX3NpZ25hbHNcIixnKSkmJmc8Zjspe3ZhciBoPWEuY2hhckNvZGVBdChnLTEpO2lmKDM4PT1ofHw2Mz09aClpZihoPWEuY2hhckNvZGVBdChnKzEwKSwhaHx8NjE9PWh8fDM4PT1ofHwzNT09aClicmVhayBiO2crPTExfWc9LTF9aWYoMD5nKWY9bnVsbDtlbHNle2g9YS5pbmRleE9mKFwiJlwiLGcpO2lmKDA%&i=5-6&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=a415c6f06bcfe90a1dc0ddb191cee85&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
miVWqy4-R2bJInjQwQeMj0TQdiLtwCMidM29yS72U88WWDmLYFvv8w==
place
sheknows-tagan.adlightning.com/ Frame DFF5 		0
419 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://sheknows-tagan.adlightning.com/place?p=1&d=2BaHx8aD5mKWg9ZjtmPWRlY29kZVVSSUNvbXBvbmVudChhLnNsaWNlKGcrMTEsLTEhPT1oP2g6MCkucmVwbGFjZSgvXFwrL2csXCIgXCIpKX1pZihmKXtpZihuYXZpZ2F0b3Iuc2VuZEJlYWNvbihcImh0dHBzOi8vcGFnZWFkMi5nb29nbGVzeW5kaWNhdGlvbi5jb20vcGFnZWFkL2dlbl8yMDQvP2lkPWZsZWRnZV9pbnRlcmFjdGlvbnMmbGFiZWw9XCIrIGMpLGY9e2g6ZixsYWJlbDpjfSxjPW5ldyBjYSxudWxsIT1mJiYobnVsbCE9Zi5oJiZTKGMsMSxmLmgpLG51bGwhPWYubSYmUyhjLDMsZi5tKSxudWxsIT1mLmxhYmVsJiZTKGMsNixmLmxhYmVsKSxudWxsIT1mLmomJlMoYyw3LGYuaiksbnVsbCE9Zi5pJiZTKGMsOCxmLmkpKSxudWxsIT0oZj1kYShsKS5mZW5jZSkpe2c9Zi5yZXBvcnRFdmVudDthOntMPSEwO3RyeXt2YXIgbj1KU09OLnN0cmluZ2lmeShjLnRvSlNPTigpLGFhKTticmVhayBhfWZpbmFsbHl7TD0hMX1uPXZvaWQgMH1nLmNhbGwoZix7ZXZlbnRUeXBlOlwiaW50ZXJhY3Rpb25cIixldmVudERhdGE6bixkZXN0aW5hdGlvbjpbXCJidXllclwiXX0pfX1lbHNlIGUuZmV0Y2goYCR7YX0mbGFiZWw9JHtjfWAse2tlZXBhbGl2ZTohMCxtZXRob2Q6XCJnZXRcIixtb2RlOlwibm8tY29yc1wifSk7ay5kaXNjb25uZWN0KCl9fSx7dHlwZXM6W1wiaW50ZXJ2ZW50aW9uXCJdLGJ1ZmZlcmVkOiEwfSkpLm9ic2VydmUoKX0pKFcuYmFzZV91cmwsVy5jcHVfbGFiZWwsIFcubmV0X2xhYmVsKTt9KS5jYWxsKHRoaXMpOzwvc2NyaXB0PjwvYm9keT48L2h0bWw%2BPCEtLSBJRlJBTUUgSU5ORVIgQ09OVEVOVCAtLT4ifQ%3D%3D&i=6-6&t=adltag_lm49kuwr_dd4F5c3Fmxe&r=a415c6f06bcfe90a1dc0ddb191cee85&c=sheknows&z=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-19.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
G_RnelvHxLZRigY10NOQqcebDxJ14kwi
date
Sun, 03 Sep 2023 22:12:03 GMT
via
1.1 4a6fd791b6663fb7a124f5d43d11ba3c.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P8
age
15491
x-cache
Error from cloudfront
content-length
0
last-modified
Fri, 28 Oct 2022 00:29:17 GMT
server
AmazonS3
etag
"d41d8cd98f00b204e9800998ecf8427e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
4w5dWZh6FLpr5zGq1PbdlHFwc2ydMiIEJ_L8jV_PKSvR6UER0w9PfA==
view
securepubads.g.doubleclick.net/pcs/ Frame 23BF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5rBZUKsw-deS0i9Ox90PsAK63MzXlKO1txYZdqz8j51uEgwltoLkBgkFgJeEqC1pe1a-k0_sUboXtouGuPgjAoXLqfe3_UmRouEaKrm0XREzZioQw2srZ6EoitsNeQUvfO0RDr_ciS2XkbniR0FXlsve0B_hWTNKaWojIv8GEYa98u3_34iL8p4JCnt0ZJISuX6Y1wdCTjfnRWTRET_CakOm4DE3z26WJGcQyEDGX8MyfGKxAyTiKDPOwo8ov-OouFaz0wuMC_bAQvwtQn9l6CIEqKkxXaPGStC4soP5Oy30rfdB2BboUIN2OQUGzNMkFE-tODmArKqccsmsDrJEy86pc0B9SAYqUle_L&sai=AMfl-YR8rBM-UFa3K5jxe3-CttjYE0MRIe5tv6YdP3unjIXGmOfaS4G28BepeR8cNyhxG47x17dgNjB_sqhipZX0gpOJstcWn_4rfgMMqs4-mcS64eFLAIbLrIfEL4siNVg&sig=Cg0ArKJSzLSKbJSHj6qiEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:13 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		95 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:13 GMT
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 8777 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Thu, 31 Aug 2023 08:33:33 GMT
x-content-type-options
nosniff
age
323800
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 30 Aug 2024 08:33:33 GMT
7cHpv4kjgoGqM7E_DMs5.woff2
fonts.gstatic.com/s/barlow/v12/ Frame 8777 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHpv4kjgoGqM7E_DMs5.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@400;500;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 30 Aug 2023 20:11:41 GMT
x-content-type-options
nosniff
age
368312
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21144
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:43:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 29 Aug 2024 20:11:41 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmaato%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account...
  • https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=8ccb80fc75
86 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=8ccb80fc75
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:09 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
4
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://prebid-server.rubiconproject.com/setuid?bidder=smaato&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=8ccb80fc75
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
4Pt2H_lJ3051ihteom9MtlU62TQ2OvF1yeDupavVDIB3m6iaTpOrkg==
merge
ce.lijit.com/ Frame ECE3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=7130330984
  • https://sync.1rx.io/usersync/turn/3723847017943428256?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D97%263pid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
  • https://ce.lijit.com/merge?pid=97&3pid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=97&3pid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Date
Mon, 04 Sep 2023 02:30:14 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ce.lijit.com/merge?pid=97&3pid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame ECE3
Redirect Chain
  • https://cs.media.net/cksync?cs=31&type=tam&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dmedia.net%26id%3D%3Cvsid%3E
  • https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367962136634934000V10
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367962136634934000V10
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A2ZGYXXTXNEHFPN8WBBZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:13 GMT
Server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://s.amazon-adsystem.com/ecm3?ex=media.net&id=3367962136634934000V10
Content-Type
text/html
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
154
x-mnet-hl2
E
Expires
Mon, 04 Sep 2023 02:30:13 GMT
ecm3
s.amazon-adsystem.com/ Frame ECE3
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=aps&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsmaato.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=e5563551d8
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=e5563551d8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
039KMQ4FYJKAH0RABBDS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:10 GMT
via
1.1 9d35ce6897d7f02042955443076a54de.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
3
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.amazon-adsystem.com/ecm3?ex=smaato.com&id=e5563551d8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
V8IvGaAIvJmgIdX4e_KAU9ve-1vT3SHRFXrjINdnrOvjUAzxfqE4kw==
/
onetag-sys.com/match/ Frame ECE3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=113&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame ECE3
Redirect Chain
  • https://um.simpli.fi/amazon/https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dsimpli.fi%26id%3D
  • https://s.amazon-adsystem.com/ecm3?id=C14E48D5177140E2A6F7C142966EB206&ex=simpli.fi&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=C14E48D5177140E2A6F7C142966EB206&ex=simpli.fi&status=ok
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VY6FTPWT1C6MK90D5ARV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://s.amazon-adsystem.com/ecm3?id=C14E48D5177140E2A6F7C142966EB206&ex=simpli.fi&status=ok
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:30:13 GMT
sp_BbylgSbK
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ 		25 B
786 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_BbylgSbK
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26

Request headers

Accept
application/json
Referer
https://www.shefinds.com/
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:26:05 GMT
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
248
x-cache
Hit from cloudfront
content-length
25
x-request-id
66325314-4aca-11ee-9b6b-4285488007e2
server
fasthttp
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
CWxBw3nQj3JdleCR6-j3vntGpjv9INodiSfmJimwWNyV_rQtUNvxTg==
authenticate
api-2-0.spot.im/v1.0.0/ 		362 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/shell-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
b1722c4f4668c6ca36464f685eacbe71f72ff778b3b3567f0e07051a8f28abad
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spot-id
sp_BbylgSbK
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
content-length
362
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE
x-request-id
fa41a0e2-4aca-11ee-983a-dec1dbeffa1f
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
uoyk0rtfUgoTtsAgQZdWqsbInNBq7LgFlRKrn0akyhHNeSLfAnZ-5w==
amzns2s
rtb.gumgum.com/usync/ Frame 12C1 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.116.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-116-249.compute-1.amazonaws.com
Software
nginx /
Resource Hash
34f576d717c7ac941eccc817ebc0145ce8b8dc8ffc2dd8bb7bdf06a550b9c205

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:13 GMT
etag
W/"065b1aa0c34b9758e983a97a582740d7c"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 52CF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
0d67bb873095207d8db8686121993eb44860e22edb3a161cfad4fd684937bf1a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1717
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync-iframe
cs-tam.minutemedia-prebid.com/ Frame 45A0 		4 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:2800:17:c484:6380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
daba4266fa5864c4ee1e1f55c6e37ebdb8c85964448f5f411b096aba10affaf1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-tam.minutemedia-prebid.com
content-type
text/html
date
Mon, 04 Sep 2023 02:30:13 GMT
server
istio-envoy
via
1.1 c05b7ff061569d914bb28a2bfaa77d34.cloudfront.net (CloudFront)
x-amz-cf-id
9KGXrA2d52T95mAtWhqJTgmXqlcpR0EWCWkXTKQ8I-GzLuCkN2rZUA==
x-amz-cf-pop
JFK50-P8
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
syncb
sync.bfmio.com/ Frame 358E 		930 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.bfmio.com/syncb?pid=137
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
129d722c999ae17ce2de396f8870bed3441ab39a6590d8fed63b44605191362b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Connection
keep-alive
Content-Length
930
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:13 GMT
ecm3
s.amazon-adsystem.com/ Frame 1780
Redirect Chain
  • https://cs.admanmedia.com/e1edfb9aa2a9066a203a7fce17c3a388.gif?puid=[UID]&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dacuity.com%26id%3D%5BUID%5D
  • https://s.amazon-adsystem.com/ecm3?ex=acuity.com&id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=acuity.com&id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
247RGN4CND8NZWN4Z7QM

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
0
Location
https://s.amazon-adsystem.com/ecm3?ex=acuity.com&id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
cm
u.openx.net/w/1.0/ Frame 96B1
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX...
693 B
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a3ef17b26732b63a74261e5ab0c680be36655833f48192315326be2f5a92819b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
402
content-type
text/html
date
Mon, 04 Sep 2023 02:30:13 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 04 Sep 2023 02:30:13 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
sp_BbylgSbK
api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/broadcasts/broadcasts/sp_BbylgSbK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-spotim-device-uuid,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:13 GMT
server
fasthttp
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
W8ddtrTgF3rXXtkylPHv5FJHKsOOkv2-MsY_7Gd6APOJBNOfrOLk8A==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
authenticate
api-2-0.spot.im/v1.0.0/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/authenticate
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-post-id,x-spot-id,x-spotim-device-uuid
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:13 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
C1i9ouIFczWx5wDIULZUVgABDVrbQ4QBUm2yKuRURsbHlY31antb2w==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
ecm3
s.amazon-adsystem.com/ Frame DB88
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=990277896830277133&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
QJDKKB42SXVFDWK4FFSD

Redirect headers

content-length
0
date
Mon, 04 Sep 2023 02:30:12 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=990277896830277133&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame F5C9
Redirect Chain
  • https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://amazon-tam-match.dotomi.com/match/bounce/current?DotomiTest=7502a35ba4dc22c0&is_secure=true&networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
  • https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGxnXd9PrYuQMpHvCOAAAAAAA&expiration=1693881013&is_secure=true
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGxnXd9PrYuQMpHvCOAAAAAAA&expiration=1693881013&is_secure=true
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
7EF07RYCTWY70S3QD527

Redirect headers

cache-control
no-cache, private, max-age=0, no-store
content-length
0
date
Mon, 04 Sep 2023 02:30:13 GMT
expires
0
location
https://s.amazon-adsystem.com/ecm3?ex=cnv.com&id=AAAGxnXd9PrYuQMpHvCOAAAAAAA&expiration=1693881013&is_secure=true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
pragma
no-cache
server
nginx
918-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		136 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/918-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aed2024c0b547dfcf4693718aa6b73058c09bbc2ffb4608033cb1c5cffd2ac19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:25 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
nGlamfB8Pi85Jz7bEPAeZydXf1Ki6zjR
x-amz-cf-pop
JFK52-P1
age
1250149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
34868
last-modified
Sun, 20 Aug 2023 13:47:36 GMT
server
AmazonS3
etag
"5c219744e2d287fb0baa92c1288d9cb9"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tVln6SCbfyBzLXa7jV8UP8YEe7MNiLOsj9jMPqkNHzfeoboJ9I3v7Q==
with-all-vendors-bundle.js
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		393 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/with-all-vendors-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:25 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
lClg7qOnucwVVbxP2Zpx4a6_5bnfjdSF
x-amz-cf-pop
JFK52-P1
age
1250149
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
218
last-modified
Sun, 20 Aug 2023 13:47:37 GMT
server
AmazonS3
etag
"9eeb9df073fd3a68df33c4f1d4a24d85"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ztRXOM8rjjLa5KSkvMWMD9RDEFBmzxu0Wt_qjPZYdE8Y8KRvL3jhtw==
usersync.html
cdn.undertone.com/js/ Frame FCB0 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:6a00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68882
content-encoding
gzip
content-type
text/html
date
Sun, 03 Sep 2023 07:22:13 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-id
pkhbi0mV_P2t-9aZhGErH6Gw8V43N-kYCVECTRl27WF2MUk34AfW4w==
x-amz-cf-pop
JFK50-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 221A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101354
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:13 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame B5C5 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.120.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-120-247.compute-1.amazonaws.com
Software
/
Resource Hash
f52ce01db6efb560048591928a335d5e8a620ea5a5528f76384f5ceca40263e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Mon, 04 Sep 2023 02:30:13 GMT
pragma
no-cache
vary
accept-encoding
usync.html
eus.rubiconproject.com/ Frame 45BA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:13 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame BF72
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
356cd2d38950e1ebccc072c6107d3ac69e97c79e26da6ee7f7ccaf4db6cf6d00
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 5885
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TdmJjcmQ1RTJ1TFRZQUEwNHNXY0VGRWExMHc3RHB2Vn5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TdmJjcmQ1RTJ1TFRZQUEwNHNXY0VGRWExMHc3RHB2Vn5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
SR6VZXG4VG3FKG3T7RB9

Redirect headers

age
0
content-length
0
date
Mon, 04 Sep 2023 02:30:13 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1TdmJjcmQ1RTJ1TFRZQUEwNHNXY0VGRWExMHc3RHB2Vn5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
ecm3
s.amazon-adsystem.com/ Frame FF04
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=2535980227366638075&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=2535980227366638075&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
ZQQ4HW6MNX7QP6FVDPMC

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ba6f6b07-a89a-4943-9a67-21e3be47b449
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:13 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://s.amazon-adsystem.com/ecm3?id=2535980227366638075&ex=appnexus.com
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
amazon
ce.lijit.com/beacon/ Frame EBED
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
  • https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
594df9b064f662213f81df2715fd3f4891d273620adef1140663f5430d30da45

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Content-Encoding
gzip
Content-Length
423
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-Sovrn-Pod
ad_ap1ewr1

Redirect headers

Content-length
0
Location
https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 35F2 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
05f76c3018b164df10bfdf650ea9f4dd8f75fd995e51d9112adf54b0947edb0c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
cs-server-s2s.yellowblue.io
content-type
text/html
date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
x-envoy-upstream-service-time
2
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/ 		30 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/v2
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
9b10618d85227eb7b7f1563cf22be94be2177277866ed4592ffb6a7101f20d09
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
null

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
gzip
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-request-id
fa41f7e5-4aca-11ee-866c-167e59698e9b
server
fasthttp
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
x-amz-cf-id
GJix-jrhInkZK_f6-nhjAa5Oj8wOkRouHPkYKMkR22VBQj3wZAFtbQ==
v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_BbylgSbK/v2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
x-access-token,x-guid,x-post-id,x-spot-id,x-spotim-page-view-id
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-spot-id,x-post-id,x-guid,x-spotim-page-view-id,x-access-token
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:13 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
X0qm1k6We0V6ckzzWZT9lsl5voOrlz6Fz-IxZGMuxH07p2kLOcTvbQ==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
notifications-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/notifications-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7446608f783007b998f8bcf178c044468516c3c5b178a87c40378218ccefccd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
32hS.RBMYjRJOhJIkplNDK6gFFgCDEu6
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 17:49:08 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
31266
x-amz-server-side-encryption
AES256
etag
W/"5ed2b7717eecaf3c14602f5dc04ecb95"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
X_TzVHqeBYP5-1IiySv5wsifw4cRA2K3iR7rBsaDM2mqT7kyAyjjyw==
ecm3
s.amazon-adsystem.com/ Frame 1558
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4187545677285024608258
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4187545677285024608258
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CEKG197JBE2842RYWVBR

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:13 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=4187545677285024608258
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-geo.s-onetag.com/ 		50 B
454 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-71.jfk50.r.cloudfront.net
Software
/
Resource Hash
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:33:16 GMT
via
1.1 f7712655aa6587fbf06c55b40ebb2680.cloudfront.net (CloudFront), 1.1 fcce23e7f4e791fa67223a305c4debb8.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4, JFK50-P4
age
39416
x-amzn-requestid
d496aad8-c748-4d72-b5aa-7b97e87d98a0
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
Kr8RkGx7iYcFZlw=
content-length
50
x-amz-cf-id
w6h7CPi2tmkWj51lBFOQUZqVBzRfQz1buFEmNKzjde69iXUirKA1sg==
segment
api.permutive.com/adv/v2/ 		14 B
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/adv/v2/segment?new-session=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:13 GMT
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14
content-type
application/json
ecm3
s.amazon-adsystem.com/ Frame EBED 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=HQzWZQZHTprevADoQOeL11M1&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N4DTPQXV54NJ2MBTD1YX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame EBED
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=80&3pid=LM49KSCX-B-B1NA&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
merge
ce.lijit.com/ Frame EBED
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=
  • https://creativecdn.com/cm-notify?pi=sovrn&gdpr=0&gdpr_consent=&tc=1
  • https://ce.lijit.com/merge?pid=86&3pid=BfCE3hDnG2SOJFTOP3fi&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=86&3pid=BfCE3hDnG2SOJFTOP3fi&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=86&3pid=BfCE3hDnG2SOJFTOP3fi&pi=sovrn&gdpr=0&gdpr_consent=&tc=1
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT, Mon, 04 Sep 2023 02:30:14 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sovrn
tr.blismedia.com/v1/api/sync/ Frame EBED 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/sovrn?gdpr=0&gdpr_consent=
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
merge
ce.lijit.com/ Frame EBED
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=sovrn-onscroll&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=83&3pid=LM49KSCX-B-B1NA&gdpr=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=83&3pid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=83&3pid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
cs
cs.minutemedia-prebid.com/ Frame EBED
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sovrn&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=637533945
  • https://sync.1rx.io/usersync/turn/3723847017943428256?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21478%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f...
  • https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: ce.lijit.com
URL: https://ce.lijit.com/beacon/amazon?url=https://s.amazon-adsystem.com/ecm3?id=$UID&ex=sovrn.com
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ce.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://ce.lijit.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.minutemedia-prebid.com/cs?aid=21478&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
v2
id5-sync.com/gm/ 		635 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
0cb7b7044ebd985ade5130a1c784c792a35dffe317a4bc86f5e6c61a53e4974e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:13 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
src_next_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_next_index_tsx-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bcede6c5d5aecc628e38729f2e1d81cd40d8512f71cdff84a1a0305d8402422

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
bY774YUmW8n66LnNOzGqrd8DooB2kC._
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 04:20:15 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
79799
x-amz-server-side-encryption
AES256
etag
W/"111210e416d2b6b3a5edb5d643e9ca52"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
81lMT8EScss4NMbMozipoRXxJs-LjkO7yWPDt81d_qfII5pGn6hsIA==
popular-in-the-community.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/ 		155 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/popular-in-the-community.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05607c46a0e139efa15b9f19a19b5c497fcf2bf908caab0a36ad2f51203dee5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
e44mf7gjXlm4yDY_.HpJ.x27iuDUa1UV
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:59:15 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
59459
x-amz-server-side-encryption
AES256
etag
W/"cace8c0e4f8db88bbc4ee3b009397e04"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
Nxzi_Nb3oIKRCroHMu7oDSQSJ-QdN1QJrohQ58fNL_GobpfG6j0oXQ==
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=2535980227366638075
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=2535980227366638075
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:13 GMT
an-x-request-uuid
e595d9e8-1378-4426-8ed0-cf1ed13fa293
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=gumgum2&user_id=2rXqQK-ghAmlXHnsEuU10
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:16 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
c.gif
c.bing.com/ Frame 12C1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 254B35B5C7054DE1B6E8277A67AB0D5C Ref B: EWR311000105009 Ref C: 2023-09-04T02:30:16Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

Location
https://c.bing.com/c.gif?red3=MSOB_pd&uid=%24D
Date
Mon, 04 Sep 2023 02:30:16 GMT
X-TraceId
db1428432bdb5918586bdf5709c09d6d
Content-Length
0
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=7138e634-8278-0d73-3f20-722368677cad
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=7138e634-8278-0d73-3f20-722368677cad
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=7138e634-8278-0d73-3f20-722368677cad
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Date
Mon, 04 Sep 2023 02:30:14 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
content-length
0
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=9be4ed3c-c4eb-4966-94aa-5a7f63709496
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=9be4ed3c-c4eb-4966-94aa-5a7f63709496
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=9be4ed3c-c4eb-4966-94aa-5a7f63709496
Date
Mon, 04 Sep 2023 02:30:14 GMT
Connection
keep-alive
X-CI-RTID
4732d3d0-8ef8-401f-bc4f-7a72689e39b0
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 12C1 		0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:13 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=7OtLpfSYGeURan-VWWev&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHU3U65CMOBTFGWKHMVKVEYLOFVLFOV3FOY
  • https://usersync.gumgum.com/usersync?b=zem&i=7OtLpfSYGeURan-VWWev
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=7OtLpfSYGeURan-VWWev
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=7OtLpfSYGeURan-VWWev
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:14 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=y2aI2Ueo8q3c&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=y2aI2Ueo8q3c&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=y2aI2Ueo8q3c&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
usersync
usersync.gumgum.com/ Frame 12C1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
date
Mon, 04 Sep 2023 02:30:13 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 12C1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=gg.com&id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GWX7YE3VVDZY0RZAWTPT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame BF72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=U3JiMTdWZXV2UnNlUzlDQlljTUFodw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEIgnvoTzmM4Y6KdLZSovT0A&google_cver=1
49 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEIgnvoTzmM4Y6KdLZSovT0A&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:13 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEIgnvoTzmM4Y6KdLZSovT0A&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame BF72
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=53c6549163901312&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMo9ZT9AivRgMbWMZcAAAAAAA&expiration=1693881014&nuid=&is_secure=true
49 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMo9ZT9AivRgMbWMZcAAAAAAA&expiration=1693881014&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.131 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(10.0.14) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
content-type
image/gif;charset=iso-8859-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAMo9ZT9AivRgMbWMZcAAAAAAA&expiration=1693881014&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame BF72 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=y2aI2Ueo8q3c&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
40887FZ80AAZ9921VMAS
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 129E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%252C%252C%25257B%252522architecture%252522%25253A%252522%252522%25252C%252522bitness...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C%257B%2522architecture%2522%253A%...
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
Requested by
Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=0&us_privacy=1---&referrer_url=&page_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&owner=P%26G&bp_id=penskemedia&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js&data=%7B%22category%22%3A%22articles%22%7D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pandg.tapad.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C%257B%2522architecture%2522%253A%2522%2522%252C%2522bitness%2522%253A%2522%2522%252C%2522brands%2522%253A%255B%255D%252C%2522fullVersionList%2522%253A%255B%255D%252C%2522mobile%2522%253Afalse%252C%2522model%2522%253A%2522%2522%252C%2522platform%2522%253A%2522%2522%252C%2522platformVersion%2522%253A%2522%2522%257D
date
Mon, 04 Sep 2023 02:30:13 GMT
server
Kestrel
content-length
987
cookie
cm.adform.net/ Frame 45A0
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8629%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%...
  • https://prebid.a-mo.net/cchain/0/8629?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=appnexus&cbx=aHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZ...
  • https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F8629%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F8629%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?&gdpr=0&gdpr_consent=&us_privacy=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F8629%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9jcy5taW51dGVtZWRpYS1wcmViaWQuY29tL2NzP2FpZD0yMTQ5MiZ1aWQ9%26uid%3D%24UID
date
Mon, 04 Sep 2023 02:30:13 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=mmed&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]&redirectUri=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21486%26uid%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21486&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=[US_PRIVACY]
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=59&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]
  • https://cs.minutemedia-prebid.com/cs?aid=21498&id=990277896830277133&gdpr=0&gdpr_consent=
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21498&id=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21498&id=990277896830277133&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:13 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/minutemedia/?&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21515%26uid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3D...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3TFZWWS3TVORSW2ZLENFQS24DSMVRGSZBOMNXW2L3DOM7WC2LEHUZDCNJRGUTGK6DDNBQW4Z3FHVWWS3TVORSW2ZLENFQSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC...
  • https://cs.minutemedia-prebid.com/cs?aid=21515&uid=tBqhGL_SEgdE6TJQpXUm
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=tBqhGL_SEgdE6TJQpXUm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Content-Type
text/html; charset=utf-8
Location
https://cs.minutemedia-prebid.com/cs?aid=21515&uid=tBqhGL_SEgdE6TJQpXUm
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
98
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=minutemedia
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21503&id=ad3c3e1d-5562-463a-9909-5fe7873052b0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21503&id=ad3c3e1d-5562-463a-9909-5fe7873052b0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
//cs.minutemedia-prebid.com/cs?aid=21503&id=ad3c3e1d-5562-463a-9909-5fe7873052b0
date
Mon, 04 Sep 2023 02:30:14 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21480&id=4187545677285024608258
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21480&id=4187545677285024608258
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21480&id=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:13 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=2073&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21489%26id%3D%7BPUB_USER_ID%7D
  • https://cs.minutemedia-prebid.com/cs?aid=21489&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21489&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21489&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:14 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://x.bidswitch.net/ul_cb/sync?ssp=minutemedia&gdpr=0&gdpr_consent=&user_id=%s
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dminutemedia%26expires%3D30...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dminutemedia%26expires%3D30...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&ssp=minutemedia&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21490&id=54d10197-cb46-413a-91f9-8e6ea8d9de90
0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21490&id=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
//cs.minutemedia-prebid.com/cs?aid=21490&id=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21504%26uid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21504&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21504&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
  • https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzWZQZHTprevADoQOeL11M1
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:13 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cs.minutemedia-prebid.com/cs?aid=21488&id=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21483%26id%3D%5BUSER_ID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21483&id=82F235EFF1234674BB5C958FB6785F44
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21483&id=82F235EFF1234674BB5C958FB6785F44
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs.minutemedia-prebid.com/cs?aid=21483&id=82F235EFF1234674BB5C958FB6785F44
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
x-varnish
486414688
access-control-allow-credentials
true
content-length
0
sync
ads.yieldmo.com/v000/ Frame 45A0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=sportority
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=451940539
  • https://sync.1rx.io/usersync/tradedesk/3175ac58-0d9d-47aa-b429-d8f42e050f30
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f9...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
52.71.250.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-250-162.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Mon, 04 Sep 2023 02:30:16 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=a1aca1d7a7acd80e26595e82223f1e6f&name=MinuteMedia&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER...
  • https://cs.minutemedia-prebid.com/cs?aid=21502&id=d99fc1948fa396f0fdd7e4c9f13a0c3a
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21502&id=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:13 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://cs.minutemedia-prebid.com/cs?aid=21502&id=d99fc1948fa396f0fdd7e4c9f13a0c3a
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21485%26puid%3D33XUSERID33X
  • https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212166994878779
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212166994878779
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs.minutemedia-prebid.com/cs?aid=21485&puid=212166994878779
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://cs.admanmedia.com/sync/minute_media?gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redir=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21497%26puid%3D%5BUID%5D
  • https://cs.minutemedia-prebid.com/cs?aid=21497&puid=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Transfer-Encoding
chunked
Location
https://cs.minutemedia-prebid.com/cs?aid=21497&puid=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21484%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26id%3D$UID
  • https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=2535980227366638075
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=2535980227366638075
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:13 GMT
an-x-request-uuid
d23d991d-73a8-487c-ac49-2561f2f9749f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs.minutemedia-prebid.com/cs?aid=21484&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&id=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 45A0 		0
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=196326&cb=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs.minutemedia-prebid.com/cs?aid=21476&id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=29975467-6f1b-4e06-b545-920b22ea49b2&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs.minutemedia-prebid.com/cs?aid=21477&id=1f5ca040-d5ff-0a71-20c3-7b39e034f70e
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21477&id=1f5ca040-d5ff-0a71-20c3-7b39e034f70e
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs.minutemedia-prebid.com/cs?aid=21477&id=1f5ca040-d5ff-0a71-20c3-7b39e034f70e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=3r9HMldH&gdpr=0&gdpr_consent=
  • https://cs.minutemedia-prebid.com/cs?aid=21496&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21496&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21496&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
date
Mon, 04 Sep 2023 02:30:14 GMT
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21495%26id%3D$UID&partner=minutemedia
  • https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21495&id=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
cache-control
no-store
content-length
0
expires
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D$%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44808&gdpr=0&gdpr_consent=&callback_url=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21505%26id%3D%24%7BUSER_ID%7D&crf=1&rts=-8977760028884871190
  • https://cs.minutemedia-prebid.com/cs?aid=21505&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21505&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21505&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562963&ev=1&us_privacy=[US_PRIVACY]&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&rurl=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21494%26id%3D%25%25VGUID...
  • https://cs.minutemedia-prebid.com/cs?aid=21494&id=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21494&id=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs.minutemedia-prebid.com/cs?aid=21494&id=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562963&gdpr_consent=[USER_CONSENT]&gdpr=[GDPR]
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
cs
cs.minutemedia-prebid.com/ Frame 45A0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=161683&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs.minutemedia-prebid.com/cs?aid=21482&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21482&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-tam.minutemedia-prebid.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.minutemedia-prebid.com/cs?aid=21482&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
113
content-type
text/html; charset=utf-8
ecm3
s.amazon-adsystem.com/ Frame 45A0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=minutemedia.com&id=U2evU2M-Cp_mm
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-tam.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M4A4RQ2TQA21AQTG9GNK
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 0E0A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb
  • https://usersync.gumgum.com/usersync?b=atm&i=ZPVBNgANs6j7wQAb&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZPVBNgANs6j7wQAb&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:30:14 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZPVBNgANs6j7wQAb&gdpr=&gdpr_consent=&_test=ZPVBNgANs6j7wQAb
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4529-YYZ
x-timer
S1693794614.086633,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame E6CD 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:13 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0302 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101354
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:13 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame FCBB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=3175ac58-0d9d-47aa-b429-d8f42e050f30
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Mon, 04 Sep 2023 02:30:13 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=3175ac58-0d9d-47aa-b429-d8f42e050f30
server
Kestrel
usersync
usersync.gumgum.com/ Frame 3CDF
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZPVBNsCo8YsAANAJGzcAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZPVBNsCo8YsAANAJGzcAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:14 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZPVBNsCo8YsAANAJGzcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40338.dc2p.scaleout.jp
X-SO-IP
96.9.249.45
X-SO-Key
ZPVBNsCo8YsAANAJGzcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.45","key":"ZPVBNsCo8YsAANAJGzcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40338"}
X-SO-LB-Hostname
m-tgng39.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40338
sync
sync.bfmio.com/ Frame 358E
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=rwuq9ny&ttd_tpi=1
  • https://sync.bfmio.com/sync?pid=106&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
0
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=106&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:14 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=106&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:13 GMT
server
Kestrel
content-length
183
sync
sync.bfmio.com/ Frame 358E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=60
  • https://sync.bfmio.com/sync?pid=169&uid=3723847017943428256
0
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=169&uid=3723847017943428256
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:14 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=169&uid=3723847017943428256
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:13 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ecm3
s.amazon-adsystem.com/ Frame 358E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=ac6b8db2f2104a35e5e958a985a42a245dc5024e&ex=bf.com
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VQ313Z1E8HZ9HFGQ93QV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
sync.bfmio.com/ Frame 358E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/beachfront
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D187%26uid%3D%23PM_USER_ID
  • https://sync.bfmio.com/sync?pid=187&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:15 GMT

Redirect headers

location
https://sync.bfmio.com/sync?pid=187&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
sync.bfmio.com/ Frame 358E
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=124&redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D181%26uid%3D%7BuserId%7D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=124&redir=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D181%26uid%3D%7BuserId%7D
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&partner_url=https%3A%2F%2Fsync.bfmio.com%2Fsync%3Fpid%3D181%26uid%3D11401...
  • https://sync.bfmio.com/sync?pid=181&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
0
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=181&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:16 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:16 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://sync.bfmio.com/sync?pid=181&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
sync.bfmio.com/ Frame 358E
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/beachfront/ac6b8db2f2104a35e5e958a985a42a245dc5024e
  • https://sync.bfmio.com/sync?pid=157&uid=y-ckVmJTJE2pKi4v2wCdSfjOoWXITkVl9TAwcsDQKOsw--~A
0
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=157&uid=y-ckVmJTJE2pKi4v2wCdSfjOoWXITkVl9TAwcsDQKOsw--~A
Requested by
Host: sync.bfmio.com
URL: https://sync.bfmio.com/syncb?pid=137
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.bfmio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:14 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.bfmio.com/sync?pid=157&uid=y-ckVmJTJE2pKi4v2wCdSfjOoWXITkVl9TAwcsDQKOsw--~A
content-length
0
pbs.gif
sync.colossusssp.com/ 		0
0
/
onetag-sys.com/usync/ Frame 471B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
618e8b43aaa87a38ec6a53ffc40dc1b6758f6ff56dec2091e268ff5428f4ee03
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1523
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 51F8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=minute_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Requested by
Host: cs-tam.minutemedia-prebid.com
URL: https://cs-tam.minutemedia-prebid.com/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dminutemedia.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-tam.minutemedia-prebid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame 221A 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34272020&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e7c87b5b01ff4bf19352661d595c622a8402a1089eff1f4fd4f751b0c799949b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 04 Sep 2023 02:30:13 GMT
content-length
1736
content-type
text/html; charset=UTF-8
ecm3
s.amazon-adsystem.com/ Frame 96B1 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=ded33e39-b6c7-8edf-9855-e059c804b60b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
WWBXRTG23AMBKWYF7D0K
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
12c22400-3ac1-a76c-698c-743b5f60b0a2
pr-bh.ybp.yahoo.com/sync/openx/ Frame 96B1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/12c22400-3ac1-a76c-698c-743b5f60b0a2?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 96B1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=ded33e39-b6c7-8edf-9855-e059c804b60b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VBHFDD819ETY6D7QF19H
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 96B1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=86054244-aa6d-3525-585b-62cea0377deb&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=86054244-aa6d-3525-585b-62cea0377deb&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=86054244-aa6d-3525-585b-62cea0377deb&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttd_puid=86054244-aa6d-3525-585b-62cea0377deb&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:14 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 96B1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2YTkxOGUtNjMxYS02YjgxLTRkYmItMzg3NzZhZDViMzhi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 96B1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBhmj8Gl3CnInOe4ArLdqzE&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBhmj8Gl3CnInOe4ArLdqzE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBhmj8Gl3CnInOe4ArLdqzE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 6BE1
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:13 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 2F81
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:14 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:14 GMT Mon, 04 Sep 2023 02:30:14 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 2E44
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:14 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:14 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 45BA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57926
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794614015&cd[segment_id]=81752&sw=1600&sh=1200&v=2.9.125&r=stable&ec=2&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794614016&cd[segment_id]=81752&sw=1600&sh=1200&v=2.9.125&r=stable&ec=3&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794614018&cd[segment_id]=102567&sw=1600&sh=1200&v=2.9.125&r=stable&ec=3&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794614020&cd[segment_id]=102567&sw=1600&sh=1200&v=2.9.125&r=stable&ec=4&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1230911863589528&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794614021&cd[segment_id]=105086&sw=1600&sh=1200&v=2.9.125&r=stable&ec=4&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=PermutiveSegmentEntry&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794614022&cd[segment_id]=105086&sw=1600&sh=1200&v=2.9.125&r=stable&ec=5&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
Artemis
aud.pubmatic.com/AdServer/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Faud.pubmatic.com%2FAdServer%2FArtemis%3Fuidtype%3D0%26dpid%3D441%26segid%3D21144%2C21967%2C32745
  • https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32745
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32745
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
162.248.18.10 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Redirect headers

location
https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32745
date
Mon, 04 Sep 2023 02:30:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C8B7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101353
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:14 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=271858&extuid=2535980227366638075
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
an-x-request-uuid
f3009079-1f0c-4d96-825a-90eb0e060d10
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.spotim.market/csync?t=a&ep=271858&extuid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
partner
sync.search.spotxchange.com/ 		0
0
csync
sync.spotim.market/
Redirect Chain
  • https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
  • https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-i9UQTq5E2uELVMrWy5FC9mIv3yPy6I5T~A
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-i9UQTq5E2uELVMrWy5FC9mIv3yPy6I5T~A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=290146&extuid=y-i9UQTq5E2uELVMrWy5FC9mIv3yPy6I5T~A
date
Mon, 04 Sep 2023 02:30:14 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
partner
sync.search.spotxchange.com/ 		0
0
710530.gif
di.rlcdn.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://di.rlcdn.com/710530.gif
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.140.17 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
17.140.107.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
pitc-boot-next.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/pitc-boot-next.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7bfbc44f1fd50ccbd8686d846b4b6d7c0ebb74ce8e3d2c1eb677964dcfb97cb3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
GUzoYw6MZj7s2VDisPzLsUtUwT5M8lVc
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:33:05 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
61030
x-amz-server-side-encryption
AES256
etag
W/"31dfb9dd54d8e55ccee2a299b6aaa2db"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
wvw1T8gcqs0ZrLtGGc0aTnFYaVU1omRXeMCLJ-9Q5sqYHm_HsadMKQ==
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame BDE9 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404005
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xvVclLaESUQvED__zEgq3chyt8Wea6uGO1ZhB67zQb2GUdGNGPy0mA==
postbid.js
ads.blogherads.com/static/ Frame BDE9 		421 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64X212GFA1C04D5
age
1790
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ICoTxmy90cymyjcYlyndcNIKy4ySa7hh/GfF/47HpuGk5fZLGknGX2RHYKC7Jrr23zw9wVRC3fQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794614.207501,VS0,VE0
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BDE9 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:14 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame CC71 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404005
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
r23kkyok7syV4N1GyWP03897S13_v8ew-VZExzNBW6BDUCDSr9HJCA==
postbid.js
ads.blogherads.com/static/ Frame CC71 		421 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64X212GFA1C04D5
age
1790
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ICoTxmy90cymyjcYlyndcNIKy4ySa7hh/GfF/47HpuGk5fZLGknGX2RHYKC7Jrr23zw9wVRC3fQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794614.266780,VS0,VE0
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
3
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC71 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:14 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame A5BD 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404005
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
FUzNGPcEwuqw3HuCnYdRQnZIAJxrrGGuSA04W_vPa0A9yspp0hhapQ==
postbid.js
ads.blogherads.com/static/ Frame A5BD 		421 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64X212GFA1C04D5
age
1790
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ICoTxmy90cymyjcYlyndcNIKy4ySa7hh/GfF/47HpuGk5fZLGknGX2RHYKC7Jrr23zw9wVRC3fQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794614.328016,VS0,VE0
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
4
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A5BD 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:14 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 6B4A 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404005
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
kfDJ5paHQePbN8zuv7BeHuzfDKUY-iC9dXLlTPzKUnw1niL9jfvHCg==
postbid.js
ads.blogherads.com/static/ Frame 6B4A 		421 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64X212GFA1C04D5
age
1790
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ICoTxmy90cymyjcYlyndcNIKy4ySa7hh/GfF/47HpuGk5fZLGknGX2RHYKC7Jrr23zw9wVRC3fQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794614.387983,VS0,VE0
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
5
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B4A 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:14 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:14 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:14 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 379D 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404005
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
u2sveRqiO4uCWMcikOXi9fTake_0s5K_2RllC1Fz3Cuw1e2d8IW8kg==
postbid.js
ads.blogherads.com/static/ Frame 379D 		421 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64X212GFA1C04D5
age
1790
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ICoTxmy90cymyjcYlyndcNIKy4ySa7hh/GfF/47HpuGk5fZLGknGX2RHYKC7Jrr23zw9wVRC3fQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794614.446487,VS0,VE0
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
6
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 379D 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:14 GMT
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:14 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:14 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
pixels
pix.spot.im/api/v1/ 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
71kK10xFli2jiQvB4gDKiQ6CoarndnQAUYfG12Ybixzrm46l89OjwQ==
dataBeacons.min.js
data-beacons.s-onetag.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-50.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0ec27031d965281ee498c59565822e0b8e0210d6420f7d34aa23a259bf7074a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Yg05UO6NTOeAVh89ijS_gJS9wGU8sF2q
content-encoding
gzip
via
1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
date
Mon, 04 Sep 2023 02:28:34 GMT
last-modified
Wed, 19 Jul 2023 15:29:23 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P2
age
101
etag
W/"d94796629c48c2aea8b46d4ba841348d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=3600
x-amz-cf-id
bMQoc6sKzCkdYPprIJBtI6EJJHa_zdOrehnhvRUvdVMrEIZ_f3YnEA==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:14 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
xXT5Sij70cmZUEpLCj4rcJ2ZvLgDVBPYq2aaHUg6zf6EvQ_hl_FKKg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		59 B
894 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
5c9a4d7378ed6194110c80dc0c2476566051f70a8c2259b7797c7da154d3361e
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
content-length
59
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-request-id
fb5ecbb6-4aca-11ee-81d8-4a6128c055e4
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
x-amz-cf-id
IJSxO29Xb9OQPlaNzDS2vKQPlqLmwPSdnrZvC8zYn-b96jz1y0l43Q==
ecm3
s.amazon-adsystem.com/ Frame B5C5 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=ym.com&id=3Rc7eqqnn7qauKa1vxIi
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TF3TK0C59RNT1PP1NYSC
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5C5 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M1JjN2VxcW5uN3FhdUthMXZ4SWk=
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame B5C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://ads.yieldmo.com/v000/sync?userid=$UID&pn_id=an
  • https://ads.yieldmo.com/v000/sync?userid=2535980227366638075&pn_id=an
43 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?userid=2535980227366638075&pn_id=an
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.71.250.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-250-162.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
an-x-request-uuid
d45ecb46-0788-46e5-bb72-8c9296109e0a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.yieldmo.com/v000/sync?userid=2535980227366638075&pn_id=an
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame B5C5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8800397970
  • https://sync.1rx.io/usersync/tradedesk/3175ac58-0d9d-47aa-b429-d8f42e050f30
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c...
  • https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
0
327 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://sync-amz.ads.yieldmo.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
SPug
image4.pubmatic.com/AdServer/ Frame B5C5
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&redir=true&gdpr=-1&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CYmr9kdE2uUQVVHZ9BoBh45BkvRl5Po-~A&gdpr=-1
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CYmr9kdE2uUQVVHZ9BoBh45BkvRl5Po-~A&gdpr=-1
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-CYmr9kdE2uUQVVHZ9BoBh45BkvRl5Po-~A&gdpr=-1
date
Mon, 04 Sep 2023 02:30:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.yieldmo.com/v000/ Frame B5C5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3Rc7eqqnn7qauKa1vxIi
  • https://ads.yieldmo.com/v000/sync?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yieldmo.com/v000/sync?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: sync-amz.ads.yieldmo.com
URL: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Protocol
H2
Server
52.71.250.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-71-250-162.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync-amz.ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:14 GMT
server
Kestrel
content-length
181
usync.js
eus.rubiconproject.com/ Frame 51F8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57926
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 52CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 52CF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&expiration=1696386614&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&expiration=1696386614&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&expiration=1696386614&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:14 GMT
server
Kestrel
content-length
323
dcm
s.amazon-adsystem.com/ Frame 52CF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BSEVPMT1QNRBMFHGM20M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 52CF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame 52CF 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
crum
dsum.casalemedia.com/ Frame 52CF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
an-x-request-uuid
90b17297-bba5-406f-a5cc-637c70f25073
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 52CF 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 52CF
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=fae2f914-4aca-11ee-872e-d4bc0acdf791
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=fae2f914-4aca-11ee-872e-d4bc0acdf791
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
Cowboy
content-type
image/gif
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=fae2f914-4aca-11ee-872e-d4bc0acdf791
access-control-allow-origin
*
p3p
CP="NOI OTC OTP OUR NOR"
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
0
expires
Thu, 23 Sep 2004 17:42:04 GMT
ecm3
s.amazon-adsystem.com/ Frame 52CF 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:14 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V1QN9SYNPKZYMDC304QM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/i/1173/8.gif?id5id=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA&o=api&gdpr_consent=undefined&gdpr=false
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F108%2F7%2F2.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
  • https://id5-sync.com/c/1173/108/7/2.gif?puid=f3a6c746-4028-425d-8997-c0b7dc5b7eac&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://id5-sync.com/k/264.gif?puid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=%%TTL%%
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F1173%2F124%2F5%2F4.gif%3Fpuid%3...
  • https://id5-sync.com/cq/1173/124/5/4.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F4%2F5.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1173/429/4/5.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F1245%2F3%2F6.gif%3Fpuid%3D%5BSOVRNID%5D...
  • https://id5-sync.com/c/1173/1245/3/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F1173%2F429%2F2%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/1173/429/2/7.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 2E44 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:14 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57926
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
v2
ap.lijit.com/readerinfo/ 		127 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b29d62fdba4bbbc875a4bf51e484b0ab6f536c3ec2bdc3fc1641ebdac59f3310

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
142
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11603%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BUSER_CONSENT%5D%26uid%3D$%7BBSW_UUID%7D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Location
https://cs-server-s2s.yellowblue.io/cs?aid=11603&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
csync.loopme.me/ Frame 35F2 		0
0
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11575%26uid%3D%5BUSER_ID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=82F235EFF1234674BB5C958FB6785F44
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=82F235EFF1234674BB5C958FB6785F44
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:15 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11575&uid=82F235EFF1234674BB5C958FB6785F44
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
x-varnish
418236041
access-control-allow-credentials
true
content-length
0
cs
cs.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=typeaholdings
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.63%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=6844619947
  • https://sync.1rx.io/usersync3/mediamathtest/2069.63/d0a664f5-4137-4e00-931c-0b407a189fe2?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11599%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
  • https://cs.yellowblue.io/cs?aid=11599&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11599&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.yellowblue.io/cs?aid=11599&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
cs
cs.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11587&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11587&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11587&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
date
Mon, 04 Sep 2023 02:30:15 GMT
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11596%26id%3D$UID&gdpr=0&gdpr_consent=
  • https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2535980227366638075&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2535980227366638075&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
an-x-request-uuid
11999277-71be-432c-9a95-ada3f4dbe581
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cs-server-s2s.yellowblue.io/cs?aid=11596&id=2535980227366638075&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=rise&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11584%26uid%3D$UID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cs-server-s2s.yellowblue.io/cs?aid=11584&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=0&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=194590&cb=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11583%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cs-server-s2s.yellowblue.io/cs?aid=11583&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
0
Expires
0
cs
cs.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://sync.1rx.io/usersync2/rise?redir=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11579%26id%3D%5BRX_UUID%5D
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2136%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=8931085338
  • https://sync.1rx.io/usersync3/mediamathtest/2136/d0a664f5-4137-4e00-931c-0b407a189fe2?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fcs.yellowblue.io%2Fcs%3Faid%3D11579%26id%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
  • https://cs.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cs.yellowblue.io/cs?aid=11579&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://sync.go.sonobi.com/us?gdpr=0&consent_string=&loc=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D115667%26uid%3D%5BUID%5D
  • https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=115667&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562615&ev=1&us_privacy=[US_PRIVACY]&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11592%26uid%3D%25%25VGUID%25%25
  • https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://cs-server-s2s.yellowblue.io/cs?aid=11592&uid=y2aI2Ueo8q3c&ev=1&us_privacy=[US_PRIVACY]&pid=562615&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=58ceaaf5-c766-4c17-869a-d76e43401714&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11563%26id%3D
  • https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=6e055ed2-7d82-0860-131c-3e5c819ea9a8
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=6e055ed2-7d82-0860-131c-3e5c819ea9a8
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-server-s2s.yellowblue.io/cs?aid=11563&id=6e055ed2-7d82-0860-131c-3e5c819ea9a8
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 35F2 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:16 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:16 GMT
cs
cs.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=77&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11600&id=990277896830277133&gdpr=0&gdpr_consent=
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11600&id=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs.yellowblue.io/cs?aid=11600&id=990277896830277133&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:15 GMT
content-length
0
cs
cs.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=cd5832ec7545d1929e5a56aa36bc4714&gdpr_consent=&gdpr=0
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=cd5832ec7545d1929e5a56aa36bc4714&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=cd5832ec7545d1929e5a56aa36bc4714&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794615959048-160
cs
cs-server-s2s.yellowblue.io/ Frame 35F2
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0015a00002hdV5tAAE&ru=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11580%26puid%3D33XUSERID33X
  • https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212166994878779
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212166994878779
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
referrer-policy
unsafe-url
server
33XP019
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cs-server-s2s.yellowblue.io/cs?aid=11580&puid=212166994878779
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ecm3
s.amazon-adsystem.com/ Frame 35F2 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rise.com&id=wTUvU2M-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
G523SMQ0RY8DE74YW318
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
conversation-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		47 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/conversation-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
adfdbaf24adec41a47a72f9acc3f245b16e833df152ca6f8418e969db19c7fb0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:14:37 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
zgwEMMjQeyj1aaiK83nNH2TNGn83cyN4
x-amz-cf-pop
JFK52-P1
age
1185338
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
14652
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"7c1047da501918f73909e36049c640b7"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
TBQsQ9LEAFiKEIHlpLj0xypr3KEdPHcQSZuMi60PE_OEpg79w4X3uA==
ec24cb303220fcfc94f8.svg
static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ 		3 KB
1021 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/ec24cb303220fcfc94f8.svg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 20 Aug 2023 15:14:25 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
x7oZVj8mAcR.LHRNSoJwn4JVnMR9dZxI
x-amz-cf-pop
JFK52-P1
age
1250150
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
549
last-modified
Sun, 20 Aug 2023 13:47:37 GMT
server
AmazonS3
etag
"2fb4c511e325b1064ff9babf599fbcee"
vary
Origin
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
8B5vCu1cp5MmTV3dcGZwWIzhGyVlaWPCfjiWySXdYn0FpCThwR03zQ==
ad-choises.png
publisher-assets.spot.im/yad/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publisher-assets.spot.im/yad/ad-choises.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-90.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 08:50:05 GMT
via
1.1 e8bd72d9a7c5eaf252aab1ed2d79e1a6.cloudfront.net (CloudFront)
last-modified
Mon, 02 Jul 2018 15:08:43 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
63610
etag
"643378ef8a85df26380de21f9beb58ba"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
4550
x-amz-cf-id
DoEnRPoGrrUDH5bE7ZAmaqs6XoF8Sqc532QcrDw_gKR6oxgAypwzMg==
pixels
pix.spot.im/api/v1/ 		0
228 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
via
1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
tWlG47enFDiotB90olyozsfHRHQYXBKvtKsxb7c-mamuOcGZUN00hg==
jload
pixel.adsafeprotected.com/ Frame EB55 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=970x250&pubId=15403870&chanId=227445190&placementId=5748882211&pubCreative=138357559817&pubOrder=2876985011&cb=1475284485&adsafe_par&impId=f7d00b9a-4aca-11ee-b76d-02210cbb4ca3&custom2=flxban&custom3=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
a5cf239c7e8d9f9941c21e599f20f2f4dfafa423a8c482bcdf9647fe97d8f873

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame BDE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslUqjOXyXYQq0Abmz09NmxgvbLiWIsfKlRms12voER9VROnZJ1PkqxTV51yYCro8Tk2Y28DFGKwEgm_hKPoD8-UN8zO5x4XhgPJR0P9ku4v94l6bFK79VmlqBcr_jW_JAQQwdOXE7yglFVX17Ykk2jNMoEijWLQgsxBm9dSYJbWPL3jpJX8MrnQewcBtkyhvEGYyZQiA0bN2xvwQ6YSUZ_EyvqYIwkZWN44dz2Iysv-nyqUvydZPVXd-Y0nnOhBuUcssjJ8VYj_r6QUAL3HdALl9SyKY0Z7N8Yfm3vaUl8_UN89ncV4MlGQnztm9bmoKIuv4JCrZo&sai=AMfl-YS8eiqXt3cx83Wlof6w8AgasZpyzbcr-4x0NkBDebWNV7PQ75VFGaaKOpzCbFzUMoDHh-cEDjwaceDUlIYbZIbKpc3NWpaty2RIuhnoPYhyJeSDnxQfublAlFUkgeiIoNXJX2H8NsqBOPhEbhVcBBg&sig=Cg0ArKJSzHJrZWO3Vp_dEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
usermatch
ssum-sec.casalemedia.com/ Frame 4CDF 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
57e24c71c465e7aab73fc9ca0de9a6c453ff3fe55fee0de752e5ae97757b4707

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1776
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:15 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 9A34
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:15 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
RDRfnGFlJL2NcOFWqGgwlZERFEZG7zotBaV1Of1vVpzExTv5Zpzv9g==

Redirect headers

date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
bPnpz_UFtQmlbWebxd4xX2poKdy9VMmFZ0nWskMTOgnfkmfokfmGRw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
date
Mon, 04 Sep 2023 02:30:16 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386615
0
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386615
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
JWy347MZskFFp5UFJ5zvt67M3K8_mSuT0MNesxy0gwfrTOfaj6UUOg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386615
date
Mon, 04 Sep 2023 02:30:15 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
G_FqO4PHA9QEn5iOZ_yw1dlJUZJEjM1VGGaaatslJsVUHuu0Me46zg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
qV4DlASCWC_Og9JK1q0L19uChbyA5ze30wv-S_LjcZ5V88FyHosJ7w==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
8IY5eSd_FEguKuh9OLflVXiXwNq9_4oVnib5e4ad7CVoWw-33BS1eA==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:14 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame FCB0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
I8GBspm_9Ap-hhzFCpeAriMe3eZIOxWcRy7kkzlRlgXZNI33TpBSpQ==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame FCB0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=undertone.com&id=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:15 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
J48FNRRFH0WR5ZMMY6SE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
t.gif
cw.addthis.com/ Frame FCB0 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=240ab8accf13429baf1eb69921bd87db
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.66.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-66-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 04 Sep 2023 02:30:15 GMT
demconf.jpg
dpm.demdex.net/ Frame FCB0
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
HTTP/1.1
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-05d4e4ced.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
tBolOQmkQg0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-va6-1-v049-0cf2c522f.edge-va6.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
z6qlHDM1QMM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame FCB0 		62 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:15 GMT
content-length
62
content-type
image/gif
396846.gif
idsync.rlcdn.com/ Frame FCB0
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=24td0frjcg4v9teczygazdi3f
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3c33d22-672a-0345-0722-e23d99ac1c33
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3c33d22-672a-0345-0722-e23d99ac1c33
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 04 Sep 2023 02:30:16 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3c33d22-672a-0345-0722-e23d99ac1c33
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usermatch.gif
beacon.krxd.net/ Frame FCB0 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?partnerid=49&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dundertone.com%26id%3D%24%7BUIDENC%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.87.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-87-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n010-ash-prod.krxd.net
date
Mon, 04 Sep 2023 02:30:15 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1693794615
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 471B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 04 Sep 2023 02:30:15 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x48 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:14 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 471B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.90 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 471B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
an-x-request-uuid
2f09a7b5-4bea-4e3a-858d-57cd3736b47f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 471B 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=J9uT8nW69iHkHkmIgCJs36ZZf9E7XVeRlOqjHPLVxVU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 471B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gv0Pkl8ylM3jEHy7eUHrkkv5KBUpI9A
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gv0Pkl8ylM3jEHy7eUHrkkv5KBUpI9A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gv0Pkl8ylM3jEHy7eUHrkkv5KBUpI9A
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame 471B 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 471B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UnQfgXgGT-1dhLV1H2TeKSBjUMSLTx6J2xtHOc4ji4E
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UnQfgXgGT-1dhLV1H2TeKSBjUMSLTx6J2xtHOc4ji4E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GCC3KVMAWB9F9VGJYPJ5
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=UnQfgXgGT-1dhLV1H2TeKSBjUMSLTx6J2xtHOc4ji4E
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame 471B 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:14 GMT
content-length
0
/
onetag-sys.com/match/ Frame 471B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 471B
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
/
onetag-sys.com/match/ Frame 471B
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6cad4a6ed2a61312&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHSvoE9Y8frANuCnNmAAAAAAA&expiration=1693881016
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHSvoE9Y8frANuCnNmAAAAAAA&expiration=1693881016
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAHSvoE9Y8frANuCnNmAAAAAAA&expiration=1693881016
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 471B 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 471B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:15 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame 471B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cs
cs.minutemedia-prebid.com/ Frame 471B 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21493&id=J9uT8nW69iHkHkmIgCJs36ZZf9E7XVeRlOqjHPLVxVU
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=765b4e6bb9c8438
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
jload
pixel.adsafeprotected.com/ Frame 740E 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=728x90&pubId=15403870&chanId=227445190&placementId=5749486547&pubCreative=138357597360&pubOrder=2876985011&cb=365862287&adsafe_par&impId=f7d00b9b-4aca-11ee-b76d-02210cbb4ca3&custom2=frame2&custom3=s1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
58aae83b5afe4fe6d6663fbd7db69e536570d689abb4746d597c2aa931ed594f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame CC71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsup7D4tRqaB6Sk6Y6sCSqS2f3mRHnaYOj-R9Jfwn4maH8fArgQ9vpxrMdFyWhUOLOsbZzVN0K0YoKJTi0Pb1Fu7FEPh6gpfsujirsdMN5-gMIaV0-KV9ry5MF3AcT8l_tGdyCF3I82qSm-Cvsnd-905PXpmgvN1bAr9EIFhNCfW7QMfRgxnOlirmrZwK3B5jfwunVMFFX2IzdcytG19BSui3hPY4ixtqfmpuBAA5x9VYCcPdoeBEmDEygD2N7GXbbmKCql-40hhmdOfgsXFu3SH-w1S8E5f6KcPUlMmyn2RVXZlxHyF4ZVf8Lq9qxV1PBR2m_w4hmM&sai=AMfl-YRbFvi2m0XPSH3oVkcPpAoNz5Vue6C-vkrgva_Ktk_pbgRU63WT2vum7uD09dEn7yhyYw6W3P92nW_QLtCk1oHLmRWDAW4l3-qg6Dy8XGKbEnTcEgnrS1s9Jg_yNH0L7WZxqg6LCXMuvZ-g6i-uldQ&sig=Cg0ArKJSzLpLtKVDFKGIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jload
pixel.adsafeprotected.com/ Frame C173 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x250&pubId=15403870&chanId=227445190&placementId=5747529099&pubCreative=138357532778&pubOrder=2876985011&cb=275990459&adsafe_par&impId=f7d00b9c-4aca-11ee-b76d-02210cbb4ca3&custom2=flxrec&custom3=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
50883e14db0b82e15bb8c7506f24c28ccacfdc516d81e26ffbdded823fd5babe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A5BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlc9XHo2yFn1-P--Un6MdWa6XeAIPavAtgT1Ru3X6hEj_JhOlRfo5jS5Xm9Vr1OobalgZiZUBXpyGuxqT6g4032GXHk5oiKdYm5wIGxBRkWsiKYUWpkwo5vzJTV-Wj0nmXwoZtVJ50XJQ5G2ffARJ5nRngJXYlCaOSUkGu0HiTn0g8FDJbOPJ1r-kkj9lr9u-yGxcuwwGwgUNrgdQi4anXXjGT0sZZkVBZ3L8tdIJlQq2z9KmwXcm9vQ4ji_-RjVVSXUBrlMFsc3I1gKEIIn1OSBJlKjwJhz7awYuwLRmc9Ugx7QbKLiwV8fNLnH1Zb2tmL3IJ49I&sai=AMfl-YSoArmPbRFynSoCNVDr84-e3VVAJdFf8a-qMdl2uvZ0-pSlGBxAo1jrAjNmMwwIHJxhf-3ocNbt0fjDrpOoIx918rMZElKxNGua0ihgTI_wM2aUBbjQDt9nimzCJBYC2lSpL40W96IqpuDRcH_09wU&sig=Cg0ArKJSzKefvNdZalv4EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
onetag-sys.com/usync/ Frame 5F1A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
ab3bb5ecd333f5d9dee6a2b38e881142bddbfe04e9204a02b592c21e6a9db1e1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1449
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame DF0D
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=rise_engage&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drise.com%26id%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs-server-s2s.yellowblue.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:15 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:15 GMT
location
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
server
AkamaiGHost
vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/ 		268 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/vendors-node_modules_spotim_common-components_dist_index_js-node_modules_spotim_topics_dist_t-5d9d60-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
0bzDV2sV_STMMrRM496SmRZW_NGJvE71
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 11:16:36 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
54820
x-amz-server-side-encryption
AES256
etag
W/"65b6fded5f4ad8a82780bdb8f6a581a9"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
s4In7j9uVw3VgvI-d1ogN3UfeD97FMccBJsCxacuDX570p6R7OM4Qw==
src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/ 		67 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_components_NotificationItem_NotificationDescription_NotificationDescription_tsx-src_compo-c938d2-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61cfed754c3b86c633e0e69daef2962f40f426d4fe8bda08164fd7ab608f0e0b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
rAZ0xk39cnV7PZLcLnnzHbwBbdgEvTt7
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 12:00:55 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
52161
x-amz-server-side-encryption
AES256
etag
W/"5f391ab0d2d171dead272dafdae8a422"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
kdlM_0DzVSBzeKuACLcZbeiqO94Bjcw7rGbUEjNTo7XUraI7oBPmNQ==
src_next_features_BootStickyNotifications_index_tsx-bundle.js
static-cdn.spot.im/production/notifications/tags/v1.23.1/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/src_next_features_BootStickyNotifications_index_tsx-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
785d2a3b79de241b223b69b3c0f95804da264cdf50c0074d0566e89bf11dfde7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
hDrcsWlaXjkDR40VRzuVHy7k_TIYQoII
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 12:00:55 GMT
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
52161
x-amz-server-side-encryption
AES256
etag
W/"21317135d3f4011c632887268f914c9d"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
fUDs2MKnVOqwkyzM5ExhAJSTV7xn-3nnWBinM11r413peFiL6AlZaw==
styles.css
static-cdn.spot.im/production/notifications/tags/v1.23.1/ 		236 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/notifications/tags/v1.23.1/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b4d13db2de7ca2cfbdb0898a8d4f2b681438d63b6d037ab050ef3599773056f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
RW0xnZVefRKltbgJ8C0qyOyTyPYl0n_4
content-encoding
br
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 12:00:57 GMT
x-amz-cf-pop
JFK52-P1
age
52159
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 17 Aug 2023 16:01:30 GMT
server
AmazonS3
etag
W/"2801fd94aff85ac1d89a06bbb56ed91e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
4MkmeSl5b6Td0nujg_lo5duV1xkE0VEB2xCWCnzrV5-2dwmYvGWRbQ==
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4798 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
cajW43s2zOUREzaSfVxr.FHBs4V63Z1V
content-encoding
br
last-modified
Thu, 24 Aug 2023 09:34:49 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"dbb50c1d59c31f0ccd09001e145c285f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2034
x-amz-cf-id
__JeIPhSad7dHIn_s44I5nvJ4bsnk6CsOsCL5BXdwLw6N6Diq14ZAw==
hb_270443_610.js
player.spotim.market/prebidlink/470498/ Frame 4798 		916 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470498/hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
38390471daa6d0a426c3374ccfe35d9a4d854bc2e90081f888e6b24c77287e3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:15 GMT
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:15:51 GMT
server
nginx
etag
W/"64f2d317-394"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4798 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95de51b35f4b003974cd6a3a2ebe4c0f02b95e625c250e20d61e5f953a717d50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29084
x-xss-protection
0
server
cafe
etag
46 / 19604 / m202308290101 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:15 GMT
wrapper_hb_270443_610.js
player.spotim.market/prebidlink/470498/ Frame 4798 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470498/wrapper_hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
04bb564d571f199081bad111bc1652e866bb7ae08c6e9c68ee18f770d7dad48a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:15 GMT
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:15:51 GMT
server
nginx
etag
W/"64f2d317-85f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame B3F9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
cajW43s2zOUREzaSfVxr.FHBs4V63Z1V
content-encoding
br
last-modified
Thu, 24 Aug 2023 09:34:49 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"dbb50c1d59c31f0ccd09001e145c285f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2034
x-amz-cf-id
GdBFMoAw70SlY9oLOmj3cnEqqM6f-VVKNrDGYzK6zaOfpLKnxLNrJQ==
hb_270443_610.js
player.spotim.market/prebidlink/470498/ Frame B3F9 		916 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470498/hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
38390471daa6d0a426c3374ccfe35d9a4d854bc2e90081f888e6b24c77287e3c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:15 GMT
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:15:51 GMT
server
nginx
etag
W/"64f2d317-394"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame B3F9 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2d0de3d7e8c4d1d2c5fcf9559684547f5ed3448aa6c3ec9ad359f923ae7fe93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29096
x-xss-protection
0
server
cafe
etag
226 / 19604 / 31077576 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:15 GMT
wrapper_hb_270443_610.js
player.spotim.market/prebidlink/470498/ Frame B3F9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470498/wrapper_hb_270443_610.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
04bb564d571f199081bad111bc1652e866bb7ae08c6e9c68ee18f770d7dad48a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:15 GMT
date
Mon, 04 Sep 2023 02:30:15 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:15:51 GMT
server
nginx
etag
W/"64f2d317-85f"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
dcm
s.amazon-adsystem.com/ Frame C2CE 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
W4B1XVR0QMPEDM0F3BVA
ecm3
s.amazon-adsystem.com/ Frame 5FD7 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=pubmatic.com&id=PM_UIDA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:15 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
CPQM6TN2N5YMWXJRSMXR
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 221A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pq1aO2f_TUOvJNKY-3_I-A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=101351
accept-ranges
bytes
content-length
5636
expires
Tue, 05 Sep 2023 06:39:27 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:15 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 221A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Df3a6c746-4028-425d-8997-c0b7dc5b7eac%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2535980227366638075&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2535980227366638075&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
an-x-request-uuid
8c40f890-7464-4267-9d82-2ccad3464cfd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=2535980227366638075&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 221A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&rnd=RND
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 221A 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:15 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/match/ Frame 221A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTZBRDVBM0ItNjdGRi00RDQzLUFGMjQtRDI5OEZCN0ZDOEY4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:19 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 221A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECgGmkStI0186o2kh9a1bIk&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Sun, 03 Sep 2023 09:52:51 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 221A
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:C14E48D5177140E2A6F7C142966EB206
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
sync
sync-pm.ads.yieldmo.com/ Frame 221A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8%26gdpr%3D0%26gdpr_consent%3...
  • https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
43 B
615 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
35.173.120.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-120-247.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:16 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 221A 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8?gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:15 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
jload
pixel.adsafeprotected.com/ Frame 3E69 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x600&pubId=15403870&chanId=227445190&placementId=5749534799&pubCreative=138357940384&pubOrder=2876985011&cb=1908282859&adsafe_par&impId=f7d00b9d-4aca-11ee-b76d-02210cbb4ca3&custom2=flxrec&custom3=2
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
e1c73bfe44727bed20ff334bbec27f1de0a82b1724bae139a28688edaf8681a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6B4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOWdQeskkDtRPbaEM8OBQ2X28IWAGDNpCTW5lPIACqVBT0U_KlMXXZcg-11OA6tBpUR6idHNnj6ygiYC5wBP0wGk8_HqWLBD7RuN0BrJ1bJQiJF7iUsv7Afbms1ZKx9UNT2n-BlpaiYBtvyJpVOvF5K57ZhGWqaDEemhLjOvCxIdyw7UD9DM4uwViSz41WiV8Zopy7FKwcI2tArqHqYHyOr3PtGg3JUgYb6DJGs_zCCOXH3XGdVcq1es-JJFh2XGda3k_ebw42hV2wsh7mDaQ0ImkbZ0Es5_AJIZ9SRuEYYQ67j8y4OqudH-CreB8DnR_3s6g8JoI&sai=AMfl-YSGmdZtyybeVGXDoK_ihlUzsApPtVXQagJ_gYcihW5q-1l4bRYvWt7vhLlJd1GtY4QO-NNYiarrpn0O45clJTtryWnjsVYNLfNL-cMuAPSDiag9D5jVJHyy2dfps4i3EhLDG15NwH82wo6jmKqxQcQ&sig=Cg0ArKJSzOVYm3EAI83dEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
jload
pixel.adsafeprotected.com/ Frame 6520 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x250&pubId=15403870&chanId=227445190&placementId=5749533821&pubCreative=138357939916&pubOrder=2876985011&cb=1193819157&adsafe_par&impId=f7d00b9e-4aca-11ee-b76d-02210cbb4ca3&custom2=mrec&custom3=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
1700ce319dc58349b643a2770c80959c7156160ecb9b1bcd9f2cf837769d50bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 379D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssp9WVPVXHkkp8uB29mkHNW4UpEUSASrkc-QeXypr4olkoIm-kSfYXuoFZeifXOSB5NJU3pwV82CEzy6QTsN62iEMXy1Wg-hivtrdkHZkAX97coo1goV3wWkKT7QV62N41LDvPYKvZobiPKxq7PHNW9VkUfpTIVDLyNbQOPx69YsloiqSY3MKeArrz2-yCOGfk_BGbmG7cXcCAN1rzq7i6f3dCAXTb4mNM5_rjQgzK9CGuzvFUjylAabwjmLL63oLGer0WlKYgT5EmnqaQ5edhLkiErA8oNlUzvR63V2WFejAgG3zwZH7hKOSewxR-oduUl_S1wwbI&sai=AMfl-YTX0tmq5u7JHPebprnwXtzhK2gjsWyO4_MHSbnJo8wCIk0uNXBLVZtT2TkQMGVNgeZcySFdiHTswJiGitP2-5lGoHIXUX9KOS0n4sRKQyvZm2ioFrV_o0mnNkWYNTOXNeSBzq2Mb8fIaAwwMrKCzbg&sig=Cg0ArKJSzK3Z3tgEOjaiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 45BA
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&khaos=LM49KSCX-B-B1NA
  • https://s.amazon-adsystem.com/ecm3?id=LM49KSCX-B-B1NA&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LM49KSCX-B-B1NA&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
T63E6ZQFVPE71AZA5M62
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LM49KSCX-B-B1NA&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je38u0&_p=373171656&cid=1789139906.1693794608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1693794607&sct=1&seg=0&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&dt=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&kq=1&lo=0&qs=1&ak=-&i=NATIVOINVCONTENT1&ud=false&qm=600&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!w%5ETm_hBE%22%3B8%2BYe6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23V%7Du%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=1&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=15385&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&cm=33&f=0&j=&o=3&t=1693794610384&de=463464521125&cu=1693794610384&m=6191&ar=6194820-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=5328&cd=1&ah=5328&am=1&re=0&wb=1&cl=0&at=0&d=14294%3A-%3A-%3A-&gw=nativonielsen548znrb18&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98815&na=1675539234&cs=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 04 Sep 2023 02:30:16 GMT
setuid
prebid-server.rubiconproject.com/ 		86 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=rubicon&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=10278&f=i&uid=LM49KSCX-B-B1NA
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
events
api.permutive.com/v2.0/batch/ 		401 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
b4b9b83d308504fd4fc66fa4ef87c91f91e0ba6dc4228bfea3bd2e61bbb9c9ef

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
187
usermatchredir
ssum-sec.casalemedia.com/ Frame 4CDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4CDF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGqf7ZMwSZ3Fc6Y0czDWXlI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30
dpm.demdex.net/ Frame 4CDF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Daam
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30
42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0262d3987.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AEXZXxBPSuE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
189
dcm
s.amazon-adsystem.com/ Frame 4CDF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:16 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
15YQ0GJ3Y71GTEDFFB65
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4CDF
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Awvm-QEOs_wYW7WtDV2t-QdbtPUYC7itAw2ByIc_
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Awvm-QEOs_wYW7WtDV2t-QdbtPUYC7itAw2ByIc_
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=Awvm-QEOs_wYW7WtDV2t-QdbtPUYC7itAw2ByIc_
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum.casalemedia.com/ Frame 4CDF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:16 GMT
an-x-request-uuid
ebcd3471-3ea2-401b-9ff9-c08f71a0521e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4CDF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=82&gdpr=$%7bGDPR%7d&gdpr_consent=$%7bGDPR_CONSENT%7d
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=990277896830277133&gdpr=0&gdpr_consent=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=990277896830277133&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:15 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 4CDF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C14E48D5177140E2A6F7C142966EB206
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C14E48D5177140E2A6F7C142966EB206
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:16 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C14E48D5177140E2A6F7C142966EB206
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:30:16 GMT
sync
usr.undertone.com/userPixel/ Frame 4CDF 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
ImH6ToIdKpDfRDpV3YaGh8Mogu1VfwAQ5YOl0Irc1DRRTR9D_LjPlw==
usync.js
eus.rubiconproject.com/ Frame 9A34 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57924
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
TS1WuGzrX0tbWvAbDX8DAh
embed.reddit.com/svc/shreddit/ Frame 9C18 		2 B
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.reddit.com/svc/shreddit/TS1WuGzrX0tbWvAbDX8DAh
Requested by
Host: embed.reddit.com
URL: https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Content-Security-Policy child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-OfdbR6YTKQvbftLMSE9+hQ==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports

Request headers

Referer
https://embed.reddit.com/r/Anticonsumption/comments/11a1zdk/walmart_is_slowly_swapping_from_cardboard_to/j9r7iqw/?embed=true&ref_source=embed&ref=share&utm_medium=widgets&utm_source=embedv2&utm_term=23&showmedia=false&showmore=false&depth=1&utm_name=comment_embed&embed_host_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
x-sh-microapp-route
monolith
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

content-security-policy
child-src 'self' blob: accounts.google.com;connect-src 'self' events.redditmedia.com o418887.ingest.sentry.io *.redd.it *.reddit.com vimeo.com alb.reddit.com accounts.google.com/gsi/ w3-reporting.reddit.com reddit-uploaded-media.s3-accelerate.amazonaws.com reddit-uploaded-video.s3-accelerate.amazonaws.com wss://*.wss.redditmedia.com wss://gql-realtime.reddit.com api.giphy.com js.stripe.com;default-src 'self';font-src 'self' data:;form-action 'none';frame-ancestors 'self' *.reddit.com *.snooguts.net;frame-src 'self' www.reddit.com www.youtube-nocookie.com player.vimeo.com *.redditmedia.com cdn.embedly.com redgifs.com www.redgifs.com accounts.google.com/gsi/ www.google.com/recaptcha/ recaptcha.google.com/recaptcha/ js.stripe.com hooks.stripe.com;img-src 'self' data: blob: https:;manifest-src 'self' www.redditstatic.com;media-src 'self' blob: data: *.redd.it www.redditstatic.com;object-src 'none';script-src 'self' 'unsafe-inline' 'unsafe-eval' www.redditstatic.com js.stripe.com 'nonce-OfdbR6YTKQvbftLMSE9+hQ==';style-src 'self' 'unsafe-inline' www.redditstatic.com *.reddit.com accounts.google.com/gsi/style;style-src-attr 'unsafe-inline';worker-src blob:;report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
server
snooserv
content-security-policy-report-only
object-src 'none';script-src 'nonce-OfdbR6YTKQvbftLMSE9+hQ==' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https:;frame-ancestors 'self' *.reddit.com *.snooguts.net;base-uri 'self';report-to csp;report-uri https://w3-reporting-csp.reddit.com/reports
report-to
{"group":"csp","max_age":31536000,"endpoints":[{"url":"https://w3-reporting-csp.reddit.com/reports"}],"include_subdomains":true}
content-type
text/plain; charset=utf-8
vary
Accept-Encoding,accept-language
x-is-wrs
false
cache-control
private, s-maxage=1, max-age=1, must-revalidate
accept-ranges
bytes
content-length
2
usync.js
eus.rubiconproject.com/ Frame DF0D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:16 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57924
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
sync
eb2.3lift.com/ Frame 1399 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?us_privacy=1---&
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
d0adbbcf933395d6b67e968dffcdd55639d88a4444c4f23cd8b34399201c140d

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1287
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:16 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 903A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:16 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame E176 		2 KB
734 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCrYBShB3d3cuc2hlZmluZHMuY29tUgthYXMtNWI4NDI0NVoIcGJhMS4zLjJqEHd3dy5zaGVmaW5kcy5jb236AQY3LjQwLjDoAgGIA7SC1acGqANj6gMkZmUyOWU3OTktOWIxYy00OTdlLWJhYmQtNzlmNjNhZGI2N2I2qgQDRENIsgUDVVNE0gUEMTEyNtgFAeAFAeoFB2Rlc2t0b3D6BQNueTWqBwN3ZWLKBwxzaGVmaW5kcy5jb20
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
40f911eaafaeb111aaf9d0b79bc9838d680518be3484482af455b7f4c6767804

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
645
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:15 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
0
sync
pre.ads.justpremium.com/v/1.0/t/ Frame F833 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pre.ads.justpremium.com/v/1.0/t/sync?_c=akfs9es1693794613111&usPrivacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.69.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-24.compute-1.amazonaws.com
Software
/
Resource Hash
4a40bf8d64162b18ada1fb2e9c33362f8ac4d3f593bbb72da6ac6457e63cdd8f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
public, no-cache, no-store, must-revalidate
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:16 GMT
cs.html
cs.seedtag.com/ Frame FD87 		51 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.111.252 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
574
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=86400
cf-cache-status
HIT
cf-ray
8012cf42effb3701-YYZ
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:16 GMT
etag
W/"2ff9eb522fbbcad21bb6774305a2a0c2"
expires
Tue, 05 Sep 2023 02:30:16 GMT
last-modified
Mon, 17 Jul 2023 13:43:40 GMT
server
cloudflare
vary
Accept-Encoding
x-goog-generation
1689601420843860
x-goog-hash
crc32c=DckRUw== md5=L/nrUi+7ytIbtndDBaKgwg==
x-goog-metageneration
2
x-goog-storage-class
REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
15461
x-guploader-uploadid
ADPycdtxe8PzWsQuSDUvk9Z3JRRE8xWqZHLoKTPbKxJp7O70khZf9CtjpcOOehMsCYBxnDNYKjBYKPKzhoEWO_BliGzYzcghUOVv
async_usersync.html
acdn.adnxs.com/dmp/ Frame B541 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:16 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2294 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
406
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf4298f039e3-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:16 GMT
expires
Mon, 04 Sep 2023 06:30:16 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usersync.html
cdn.undertone.com/js/ Frame 1FBD 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:6a00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68884
content-encoding
gzip
content-type
text/html
date
Sun, 03 Sep 2023 07:22:13 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 42cdf90926c91454b0e8865bb13f3962.cloudfront.net (CloudFront)
x-amz-cf-id
AEZI_yDSrqAsZzacCJiwyzmx9aDMzqNz46qKujQTIDlLDEu_-olrtw==
x-amz-cf-pop
JFK50-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
10.gif
id5-sync.com/c/441/1246/0/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_b76a9c6d-ab0e-435a-b768-ba9a61dc1746&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/8/2.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F6%2F4.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/6/4.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/441/2/4/6.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/2/4/6.gif?puid=2535980227366638075&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F3%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/3/7.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1242/2/8.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1245/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=2535980227366638075&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
  • https://id5-sync.com/c/441/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/441/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/441/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_017cfd6a-dd63-4621-b627-954b35116c57&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F6%2F4.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/6/4.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F4%2F6.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/4/6.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F3%2F7.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/3/7.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F2%2F8.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/2/8.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F203%2F1%2F9.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/441/203/1/9.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
49 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_4a990b08-80d1-4e1c-9709-3dbc6e70f9d8&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/8/2.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F6%2F4.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/6/4.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
155.gif
id5-sync.com/k/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_ef8d98f2-3baa-43df-8cea-6d3fd117ec85&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F3%2F8%2F2.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/441/3/8/2.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F6%2F4.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/441/796/6/4.gif?puid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F4%2F6.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/4/6.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding
chunked
content-type
text/html;charset=utf-8

Redirect headers

location
https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
usermatch.gif
beacon.krxd.net/
Redirect Chain
  • https://match.adsrvr.org/track/usersync?us_privacy=1---&gdpr=0&gdpr_consent=undefined&ust=image
  • https://usermatch.krxd.net/um/v2?partner=ttd&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=krux&ttd_tpi=1&ttd_puid=PxmqKPZY&partner_uid=ttd&gdpr=0&gdpr_consent=&ttd_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
  • https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
52.5.87.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-87-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n029-ash-prod.krxd.net
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=26 t=1693794617
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=ttd&partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=u_68349139-9c19-44e9-9322-22e0e06dbb28&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F434%2F8%2F2.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&consent=
  • https://id5-sync.com/c/441/434/8/2.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F7%2F3.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/7/3.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F796%2F6%2F4.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/441/796/6/4.gif?puid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/getuid/id5?r=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F441%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/441/441/5/5.gif?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F429%2F4%2F6.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/441/429/4/6.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1242/3/7.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1245%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1245/2/8.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F1242%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/441/1242/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
49 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=i5td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&consent=&id5id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame BDE9 		1 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.743790,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
161
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame BDE9 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M76AEQMX31PM26G3
age
1577
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8F0CLVTz/7UOJ9n8lrHBYnmi1jVWfJdG55RKHpSfjnNzVMzIu8+9S9XiPNCeADSfu8Ewvp6zDSc=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693794617.800542,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
5
truncated
/ Frame BDE9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e90e53a8df5a4ae11d54f5d05f27e21c8b5b390bf430d119fc3ce660f05e2ca3

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame CC71 		1 KB
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.795303,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
162
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame CC71 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M76AEQMX31PM26G3
age
1577
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8F0CLVTz/7UOJ9n8lrHBYnmi1jVWfJdG55RKHpSfjnNzVMzIu8+9S9XiPNCeADSfu8Ewvp6zDSc=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693794617.800517,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
6
truncated
/ Frame CC71 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
684424448c58a7a69e197dc748ad487f986953ceede07147741ac37c145138ee

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame A5BD 		1 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.842464,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
163
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame A5BD 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M76AEQMX31PM26G3
age
1577
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8F0CLVTz/7UOJ9n8lrHBYnmi1jVWfJdG55RKHpSfjnNzVMzIu8+9S9XiPNCeADSfu8Ewvp6zDSc=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693794617.847894,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
7
truncated
/ Frame A5BD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed5c8d96e6134f95ee14b0b3591625fa96fe6000156658bc66dd2e1c8d9e6c2

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame 6B4A 		1 KB
701 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.884899,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
164
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame 6B4A 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M76AEQMX31PM26G3
age
1577
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8F0CLVTz/7UOJ9n8lrHBYnmi1jVWfJdG55RKHpSfjnNzVMzIu8+9S9XiPNCeADSfu8Ewvp6zDSc=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693794617.893344,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
8
truncated
/ Frame 6B4A 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d791ed66beb24fde8fa0a62a66490d54049c88cef4783b75328e06fb489a172d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
pub
pixel.adsafeprotected.com/services/ 		720 B
954 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=930203&slot=%7Bid:skm-boomerang-el-0-1,ss:%5B728.90%5D,p:/83521017293/a.shefinds/articles,t:display%7D&slot=%7Bid:skm-ad-flexrec-2,ss:%5B300.250,300.600%5D,p:/83521017293/a.shefinds/articles,t:display%7D&slot=%7Bid:skm-ad-outstream-test,ss:%5B1.1%5D,p:/83521017293/a.shefinds/articles,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=9d1ef90e-1a5e-a79f-29fd-ced1744f1362&url=https%253A%252F%252Fwww.shefinds.com%252Fcollections%252Fwalmart-packaging-change%252F
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
59b2025b481096906f8950a172b11a988116108deea4ad52e0fd36b6ce45a618

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
nginx
x-server-name
app14.va.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame 379D 		1 KB
700 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.935814,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
165
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame 379D 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M76AEQMX31PM26G3
age
1577
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8F0CLVTz/7UOJ9n8lrHBYnmi1jVWfJdG55RKHpSfjnNzVMzIu8+9S9XiPNCeADSfu8Ewvp6zDSc=
x-served-by
cache-yyz4526-YYZ
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693794617.946104,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
9
truncated
/ Frame 379D 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4dd66bdb712c77555f53d8c3cede3b80508d39f162c6b8cd2528460b379360fb

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 5F1A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GxqrXdrQ0MorVmoK7vQx966YYQ7fydQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GxqrXdrQ0MorVmoK7vQx966YYQ7fydQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GxqrXdrQ0MorVmoK7vQx966YYQ7fydQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=47fde4976c982394&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwEgNSK9XWAAAAAAA&expiration=1693881017
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwEgNSK9XWAAAAAAA&expiration=1693881017
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwEgNSK9XWAAAAAAA&expiration=1693881017
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x12 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:16 GMT
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
f7520403-ac92-45b7-ad88-70aba39217a4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5F1A 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=UnQfgXgGT-1dhLV1H2TeKSBjUMSLTx6J2xtHOc4ji4E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
date
Mon, 04 Sep 2023 02:30:16 GMT
content-length
0
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEJGeyDuzsKFaAoSLYuWfRdk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562985&ev=1&us_privacy=&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D149%26gdpr%3D%24%7BGDPR%7D%26gdpr_consent%3D%24%7BGDPR_STRING%7D%26uid%3D%25%2...
  • https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://onetag-sys.com/match/?int_id=149&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=y2aI2Ueo8q3c&ev=1&us_privacy=&pid=562985
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 5F1A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag&bsw_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ad3c3e1d-5562-463a-9909-5fe7873052b0&ssp=onetag&gdpr=0
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cs
cs.yellowblue.io/ Frame 5F1A 		0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11581&id=UnQfgXgGT-1dhLV1H2TeKSBjUMSLTx6J2xtHOc4ji4E
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=69f48c2160c8113&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://onetag-sys.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
6
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
pixel
cm.g.doubleclick.net/ Frame 45BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU1NDkwYmIwNzU5NWJhMjdmZGJiNWQ2ZDY0ZDk2MGNkMTY4NzVmOA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU1NDkwYmIwNzU5NWJhMjdmZGJiNWQ2ZDY0ZDk2MGNkMTY4NzVmOA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YzU1NDkwYmIwNzU5NWJhMjdmZGJiNWQ2ZDY0ZDk2MGNkMTY4NzVmOA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
5386
tags.bluekai.com/site/ Frame 45BA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://tags.bluekai.com/site/5386?id=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbluekai
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bluekai
  • https://tags.bluekai.com/site/5386?id=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5386?id=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:18 GMT
content-length
62
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/5386?id=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
221
tap.php
pixel.rubiconproject.com/ Frame 45BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XRA4ZgoN0hN8uMulAifJ8Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7mvw8n1E2oKZjihDDJd_hboUJ.tXDGJmBTL6_Q--~A
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7mvw8n1E2oKZjihDDJd_hboUJ.tXDGJmBTL6_Q--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-7mvw8n1E2oKZjihDDJd_hboUJ.tXDGJmBTL6_Q--~A
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 45BA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3f0s6E8rQNCPaZcv8l8qqQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3f0s6E8rQNCPaZcv8l8qqQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3f0s6E8rQNCPaZcv8l8qqQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
0V4633NKV4M95ATHFGCM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=3f0s6E8rQNCPaZcv8l8qqQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
84e0f527cd81a00b0210e20b4ee7ed94
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 45BA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGArZ5xj4ruQi3Ust2Adf0o&google_cver=1
42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGArZ5xj4ruQi3Ust2Adf0o&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGArZ5xj4ruQi3Ust2Adf0o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 45BA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DN7TRDGSQ22F93ATV4HF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 45BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM49KSCX-B-B1NA
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 49607B5D6D57403686215DACCA29B2E0 Ref B: NYCEDGE1307 Ref C: 2023-09-04T02:30:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEf0p+yOlEifSRvDYkOQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM49KSCX-B-B1NA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 45BA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE00OUtTQ1gtQi1CMU5B
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIFNhQJXk6CXGcgKkV2HVS4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OUtTQ1gtQi1CMU5B&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OUtTQ1gtQi1CMU5B&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE00OUtTQ1gtQi1CMU5B&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
styles-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		37 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/styles-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7fc2ee49fb8128a69c38428e8c5609d9e51a83fbbdf782544d0f975b6a61d04

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:16:02 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
AnprlpsdlJtXwpgeMr_YcSDc71ZG5BAy
x-amz-cf-pop
JFK52-P1
age
1185256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
5626
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"cdad61b223e4021a525e6d3b91ca1c81"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DJWo8hp7jGcbgeO3r_TTNyFXbO-sWgXzWg44yF02JTtOsyVIAGjcZA==
vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		373 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0f6b81aaf4a3e4991f704dffbf1faa5337224d331da7a9b0775042b9a0c8236c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:16:02 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
_Xyo9N7_CFm0EfCY99_U1f6b34loNxqG
x-amz-cf-pop
JFK52-P1
age
1185256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
97343
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"0f8bd377b95f7b3b972857b0d4c4b1bc"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
uu-zzICODvgtZ_9ZV_SAI8Q50A364d_Wc2vNQg1lMjDr7DxJKeYX8Q==
app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/app_conversation_components_Main_tsx-app_conversation_services_legacy_helpers_browser-detect_ts-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
80ceb24e893fe6b514a807d447119c2ad3b648300b64274170937454cb51fb4a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:16:02 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
vNcFTTaqo3Ehw8kN91xfEc399IDG.qdv
x-amz-cf-pop
JFK52-P1
age
1185256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
37692
last-modified
Mon, 21 Aug 2023 09:12:05 GMT
server
AmazonS3
etag
"ded991d994a96e673f7b9bde2327fe4a"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
nRMuY59gpaDAxSPlE3iV7fW4sVYH-Vwa7rGU8J7TZkpTtRj5bHzFbw==
app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/app_conversation_i18n_ts-app_conversation_initialize-store_ts-app_conversation_services_legac-f5b848-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff992f86e73074f88c82d1efc285ec8d1c3189925541f23d94b6cb5420d63e5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:16:02 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
Ocd54JMwUyXUIOPHPqnpMR8jEN__I08L
x-amz-cf-pop
JFK52-P1
age
1185256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
11629
last-modified
Mon, 21 Aug 2023 09:12:05 GMT
server
AmazonS3
etag
"a5156fb0594750458d4df621594ca8bd"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Vou2Cufs2_sTcUsOyzVtgSu6_g9Jzfyz-sBXWEcp3xjhuBwMBR2f9g==
conversation-boot-next-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/conversation-boot-next-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
98d8c1199a6b9cc2704321101b789ac19ff203961d9ff1668ee04d4d9224d9c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:16:02 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
GV4nmld_WlAujJp5U28ADY2MxOaNE6fm
x-amz-cf-pop
JFK52-P1
age
1185256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
3175
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"cc08ae41786766b182331369f9be0d27"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
2soYCT_8W_lZdO5nP8nC16cAYF185xVFbApQaVwTT6co87kcTm2plQ==
styles.css
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		663 KB
38 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/styles.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b993a0e8f3f053b76d6b10a7ff52f78d56a68242e27cde6737af3bea128e1749

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:16:02 GMT
content-encoding
br
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
x-amz-version-id
8t7aGbzq9jrOocenIpq639SzCSk56bIZ
x-amz-cf-pop
JFK52-P1
age
1185256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
38771
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"d8a5afe530dbc26709a7e38b75f22917"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
D8k-qjAdkgBCAJnBUCUWAPVRhm5Wp24Sl1-ryGjtFuZWsl5quBm_Yw==
v2
ap.lijit.com/readerinfo/ 		205 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/readerinfo/v2
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
eee4b66ef1134e771b436c93ef4140469579a120d7fe4475b19859c2fbab49e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
210
cframe.js
assets.a-mo.net/js/ Frame E176 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---&_e=_e%3DCrYBShB3d3cuc2hlZmluZHMuY29tUgthYXMtNWI4NDI0NVoIcGJhMS4zLjJqEHd3dy5zaGVmaW5kcy5jb236AQY3LjQwLjDoAgGIA7SC1acGqANj6gMkZmUyOWU3OTktOWIxYy00OTdlLWJhYmQtNzlmNjNhZGI2N2I2qgQDRENIsgUDVVNE0gUEMTEyNtgFAeAFAeoFB2Rlc2t0b3D6BQNueTWqBwN3ZWLKBwxzaGVmaW5kcy5jb20
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75923de2a993785ccab38a3f2766e0ef00649c91bce9c3373ea78fa40dcf68f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 7aea4d81c29185bd2784c2f86062007a.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
JFK50-P8
age
331
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 17 Aug 2023 16:18:48 GMT
server
cloudflare
etag
W/"bf90df713e5e01906e68ba8a50b132d3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8012cf4569bc4bc9-BUF
x-amz-cf-id
dksO4Gcg1oCrWW8mXvQVlmbWGzdd6WFOu141aADgWZWJab1GoBhTkQ==
expires
Mon, 04 Sep 2023 03:30:17 GMT
xuid
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&dongle=0cfd&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NzU0NTY3NzI4NTAyNDYwODI1OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDzrjc7s5o4CpC7Uju4puCI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDzrjc7s5o4CpC7Uju4puCI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDzrjc7s5o4CpC7Uju4puCI&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1399
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NzU0NTY3NzI4NTAyNDYwODI1OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NzU0NTY3NzI4NTAyNDYwODI1OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDE4NzU0NTY3NzI4NTAyNDYwODI1OA%3D%3D
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 1399 		0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4187545677285024608258&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 51DE4AAB555749CD8A542BF5B7B4809F Ref B: NYCEDGE1307 Ref C: 2023-09-04T02:30:17Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEf0p9/kuszY/RfIIqnw==
xuid
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=4187545677285024608258&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=2bdc259d-04e5-4b52-a832-28365078b2a0&ssp=triplelift
  • https://eb2.3lift.com/xuid?mid=2409&xuid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2409&xuid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:19 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
//eb2.3lift.com/xuid?mid=2409&xuid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dongle=d3d3&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4187545677285024608258?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-si_nq5NE2oTiO3VfwC_KnRhsm1uh0SaQ5vLyeRlRxg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-si_nq5NE2oTiO3VfwC_KnRhsm1uh0SaQ5vLyeRlRxg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-si_nq5NE2oTiO3VfwC_KnRhsm1uh0SaQ5vLyeRlRxg--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 1399 		42 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4187545677285024608258&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
last-modified
Wed, 30 Aug 2023 15:12:15 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: BB9C7ECFE15C49A0B671A8BFBB58DE1B Ref B: EWR311000105009 Ref C: 2023-09-04T02:30:17Z
etag
"3370fe5b54dbd91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=1---&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3...
  • https://eb2.3lift.com/xuid?mid=2711&xuid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://eb2.3lift.com/xuid?mid=2711&xuid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1169337
content-length
0
expires
Mon, 04 Sep 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 1399
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=2535980227366638075&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=2535980227366638075&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
c87cd8fc-5e90-4582-bd8a-0e8ee18b604c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=2535980227366638075&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 903A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57923
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
cs
cs.minutemedia-prebid.com/ Frame 51F8
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=minute_media&khaos=LM49KSCX-B-B1NA
  • https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM49KSCX-B-B1NA
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=minute_media&endpoint=us-east
Protocol
H2
Server
3.221.79.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-79-249.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.minutemedia-prebid.com/cs?aid=21479&id=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
usersync
usersync.gumgum.com/ Frame 2E44
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LM49KSCX-B-B1NA
  • https://usersync.gumgum.com/usersync?b=mag&i=LM49KSCX-B-B1NA
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
main.19.8.439.js
static.adsafeprotected.com/ Frame EB55 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
JHooOhpWDm9wg75dp9tfL1SXwUcTYg_h5txoUYG_IcExTsKsNHGxpA==
/
onetag-sys.com/usync/ Frame 5BC4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
9218fb7df183eae169db7c9582bd85fee59ba2876edb2d5107b9ff5f7bf5186e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1360
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
main.19.8.439.js
static.adsafeprotected.com/ Frame 740E 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
GE9pCZ-vEixPlmqGpHn2dY3TwA4x4IpK7mGvhnVtoEH2eTOsUwMQbw==
352.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/352.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0828ffd7a28dd19d418cbc4101f7ecbfd9fbee640afc279728ce91122ece4ca4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
uPx3DwZhgzN90x5g0549RgVZb0bgjuSO
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 10:25:55 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
57925
x-amz-server-side-encryption
AES256
etag
W/"076a67a8f518834cafdc520e1c927d61"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
OsUvLgUMqQmu5WFZxRrYIiFwQff1KZbprAgtAM4JnfcEMP2a5dM2qA==
963.js
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/963.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
abe87445e2b7af2e7621b6d388e56c6bc6a480b07730e8e0288dcf5044a36912

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
1nvNiZJfvWzhCTEhZvVHYRV2qhOHecpH
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 07:09:34 GMT
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
69644
x-amz-server-side-encryption
AES256
etag
W/"b9a36528a7a7d8c95c2ad68977c31e56"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-replication-status
COMPLETED
x-amz-cf-id
fnvcefHQygf2pEGUQhEWmNJZW-aCuu1HpS3mfpQRZqG54x36rmjStA==
963.css
static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/popular-in-the-community/tags/v2.31.8/963.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/initial-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
Kza1bzCnv1Jra2COXI_tFSAouOlZ3fXq
content-encoding
br
via
1.1 c5ee0f95b71de262d79b7462d2bdda18.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 08:10:08 GMT
x-amz-cf-pop
JFK52-P1
age
66009
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Aug 2023 07:45:27 GMT
server
AmazonS3
etag
W/"60e07ba3f7bef94388f0baafe0a17a75"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-amz-cf-id
rZSVNE2Dlq7KG8fCJCvywvFw8uY6yQiQ2VgLwYPgWna1KjYYbgykXw==
state
api.permutive.com/v1.0/ 		0
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v1.0/state?fetch_unseen=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
main.19.8.439.js
static.adsafeprotected.com/ Frame C173 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
7NGxFzHzSDa46JQJRUEou-WB9EJ4TNKYDlO_MRbqsIG7Kzb6u6ytkA==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3161&u=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:09:58 GMT
via
1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
1218
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2336
x-amz-cf-id
AV0Pcn--sYkJ-Z_6oKLxihusuUupDjjJW5EhKPDZbJLKKjw9F0GkOg==
bid
aax.amazon-adsystem.com/e/dtb/ 		558 B
1000 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3161&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=CEJ1m21l3mF8s&cb=1&ws=1600x1200&v=23.821.1806&t=950&slots=%5B%7B%22sd%22%3A%22skm-boomerang-el-0-1%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%2C%7B%22sd%22%3A%22skm-ad-flexrec-2%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
b19e8dbbd79974ba97bf5cff0391068a3c0e13f5107dcc501c56d4f7a1cddf23
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
JTQKBHF5GVM3EF49P4EK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
558
x-amz-cf-id
2RfLWODJBZm9CRCwA61QWt_SjWsD-d0UhI-0JPQUifjyjZCKCGY-Bg==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame 4798 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88b7b4898a719ce5a6e3bd5e2c537e08ffa5b070a72a94021a378751d39bf243

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
pPhlFxBywMrwAjbXYnAHHI6HDsoP1Y.l
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:45 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"46bb301dfae354c6508aaecadb879761"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2036
x-amz-cf-id
HmnNgoB0A6QtBFNryrRHqK0W4mLvJh1F_auqcphRnlOBDMxPc0LdKw==
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame B3F9 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88b7b4898a719ce5a6e3bd5e2c537e08ffa5b070a72a94021a378751d39bf243

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
pPhlFxBywMrwAjbXYnAHHI6HDsoP1Y.l
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:45 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"46bb301dfae354c6508aaecadb879761"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2036
x-amz-cf-id
5bFiQbdnlgSnFajLQHg4CXt_BMunW-bCP-yUr4v0jcKt7FSSWZ-nbQ==
main.19.8.439.js
static.adsafeprotected.com/ Frame 3E69 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
y5q8iYFChEenpGIkVZQo4qcVpb6q2rsZUrpVfYOmiwTLlMMoQeS-pw==
jp
rtb.gumgum.com/usync/ Frame D57D 		2 KB
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=akfs9es1693794613111&usPrivacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.116.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-116-249.compute-1.amazonaws.com
Software
nginx /
Resource Hash
134be6b350d40788ea5912f30edb979a3faf07a74a5e2bfb2e30a831c20e25ed

Request headers

Referer
https://pre.ads.justpremium.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:17 GMT
etag
W/"04ea1c67fc4a89500a426a071789abd61"
server
nginx
timing-allow-origin
*
gg
match.justpremium.com/match/ Frame F833
Redirect Chain
  • https://rtb.gumgum.com/getuid/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&us_privacy=1---
  • https://match.justpremium.com/match/gg?jp_uid=r-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113&ex_uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
43 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/gg?jp_uid=r-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113&ex_uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Requested by
Host: pre.ads.justpremium.com
URL: https://pre.ads.justpremium.com/v/1.0/t/sync?_c=akfs9es1693794613111&usPrivacy=1---
Protocol
H2
Server
50.19.69.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-24.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pre.ads.justpremium.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://match.justpremium.com/match/gg?jp_uid=r-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113&ex_uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
date
Mon, 04 Sep 2023 02:30:17 GMT
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
ibs:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
dpm.demdex.net/ Frame 1FBD 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-01d333896.edge-va6.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YbUoRkTARxM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 1FBD 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:17 GMT
content-length
62
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame 1FBD
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=24td0frjcg4v9teczygazdi3f
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGOuwZ3rPhtnTP6gSco4Wpc&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGOuwZ3rPhtnTP6gSco4Wpc&google_cver=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEGOuwZ3rPhtnTP6gSco4Wpc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 2905 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
17e0dfb575ceb9422c72032abab3a7e41a3818ea79e180d25a0bc8b8451e906c

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1666
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:17 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame A457
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:17 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
kyG3MzSajLDijTppSDZZDDIxBirFrgn4fORuy4_Syt1dIDKkGmdEtA==

Redirect headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
vK8OM7ld1N0oaRFkmwuNIGdDW4C3IP__I7whWxb4_HG5RzDo5U1Dlw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386617
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386617
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
0Uz_xVibMJZIKQYqgkm9yDNlXh94yTkV6Fl_JmzEsXPx2467059tMw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386617
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
0
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
ifpnPLk_clRzCBbJ9cooZ_cjDl2Dv0or03qPEkjRnW6xiCoFwFdlZg==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=-1&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=15baa7636bd61487&is_secure=true&networkId=17100&version=1&nuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=-1&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMo9ZT9AiwLAN9sdcnAAAAAAA&expiration=1693881017&nuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=%24%7B...
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
5
content-length
0
x-amz-cf-id
EQm6T6EFEQyoeNdkTmriUd1oA-jCmr68yen_cW-gRJpL6ZgXh5qAKw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
fNiUCPQa7k3lsfcTDg3ifllRB5yhLmDrGMF1bg599K6BCSxPKOONig==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 1FBD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
3
content-length
0
x-amz-cf-id
46Co61-6lvbYWk_yRscnFZg83Oj3Kx2foxWADKkib5NzGKNf_I61dw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
t.gif
cw.addthis.com/ Frame 1FBD 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=240ab8accf13429baf1eb69921bd87db
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.66.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-66-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 04 Sep 2023 02:30:17 GMT
usermatch.gif
beacon.krxd.net/ Frame 1FBD 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.87.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-87-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n023-ash-prod.krxd.net
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
private, no-cache, no-store
x-request-time
D=28 t=1693794617
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
loadm.exelator.com/load/ Frame 1FBD
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=24td0frjcg4v9teczygazdi3f
  • https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=24td0frjcg4v9teczygazdi3f&xl8blockcheck=1
0
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=24td0frjcg4v9teczygazdi3f&xl8blockcheck=1
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Mon, 04 Sep 2023 02:30:16 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=1145&j=0&utid=24td0frjcg4v9teczygazdi3f&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
main.19.8.439.js
static.adsafeprotected.com/ Frame 6520 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205976
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
4IWJWvdd7cR2UFh0lgSTdqRHGJ0BQI0m8F8Qyc3HSDqhhtcP4lQ0JQ==
player.js
player.aniview.com/script/6.1/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b4615b270f1614490ade3e656c3a497aaeb725fc218150238d59df0258a0f3c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtHbNP9uUMQ0uup1oIi8fVmkPOP4lBf4IwZe9xSqLQ4Znf9Cn1n4ErEfvZiQunGhG8VfUtgxTYfl_fMc3LD35eYu0OuCu1l
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13568
last-modified
Sun, 03 Sep 2023 06:24:16 GMT
server
UploadServer
etag
"e0555a7a34c6a8a2a705ce461a0fe10c"
vary
Accept-Encoding
x-goog-generation
1693722256379154
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=omodjw==, md5=4FVaejTGqKKnBc5GGg/hDA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13568
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:17 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&e=playerLoaded&cb=1693794617372&r=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&e=playerLoaded&cb=1693794617374&r=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
async_usersync
ib.adnxs.com/ Frame B541 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
19a0e6dd-5923-4191-8e42-bec866e376e9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame BDE9 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.459210,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
148
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame BDE9 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794617.461286,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
159
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame BDE9 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HDBEPK9GWG5BSJQ2
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PY+BUGo9sS9Scl4xLEA7uKYfuU2+8IYbPrury8/gU8H8gUiLBI+C6PG3SQWcMBj4WESJ2vUMapQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794617.464504,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
46
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame CC71 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794617.475483,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
149
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame CC71 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794617.475461,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
160
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame CC71 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HDBEPK9GWG5BSJQ2
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PY+BUGo9sS9Scl4xLEA7uKYfuU2+8IYbPrury8/gU8H8gUiLBI+C6PG3SQWcMBj4WESJ2vUMapQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794617.476889,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
47
usync.html
eus.rubiconproject.com/ Frame D377
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=seedtag&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:17 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
server
AkamaiGHost
CookieSync.html
csync.smartadserver.com/rtb/csync/ Frame 008B 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7748 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:17 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524912.090457"
Last-Modified
Tue, 22 Feb 2022 09:59:55 GMT
Server
AkamaiNetStorage
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A6F6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101350
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:17 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame F416
Redirect Chain
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1
  • https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
fbf377e5f7d6d0389815b2c258aa04cf088bbe8c8ddd4d28d78637a501e17c2d

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:09 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:09 GMT
location
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
/
hde.tynt.com/deb/ Frame 3DCB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X
  • https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
813cc6fd8b9ca945b39cb5490faea7624b687ae142d06c37fbeba4fc2bdc0355

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1607
content-type
text/html
date
Mon, 04 Sep 2023 02:30:16 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
0
date
Mon, 04 Sep 2023 02:30:17 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url
isync
visitor.omnitagjs.com/visitor/ Frame EECB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
15976722fd89607a5705198e142d0e2c462cf064536d1ba88e285421c7e25fc6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1479
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:17 GMT
expires
0
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
/
onetag-sys.com/usync/ Frame CDD1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75601b04186d260
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
89a8ef835f0834ede595074d5ff694ef73dfc369b95d99cb5becdf4108f2fc56
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1338
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sharethrough
s.seedtag.com/cs/cookiesync/ Frame CB7D
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=2TwkgUpM&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Sep 2023 02:30:17 GMT
server
openresty
via
1.1 google

Redirect headers

content-length
0
date
Mon, 04 Sep 2023 02:30:17 GMT
location
https://s.seedtag.com/cs/cookiesync/sharethrough?channeluid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
pulsepoint
s.seedtag.com/cs/cookiesync/ Frame 11AB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562983&ev=1&us_privacy=1---&rurl=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpulsepoint%3Fchanneluid%3D%25%25VGUID%25%25
  • https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=y2aI2Ueo8q3c&ev=1&us_privacy=1---&pid=562983
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=y2aI2Ueo8q3c&ev=1&us_privacy=1---&pid=562983
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://cs.seedtag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Sep 2023 02:30:17 GMT
server
openresty
via
1.1 google

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cache-control
private, max-age=0, no-cache, no-store
content-language
en-US
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
location
https://s.seedtag.com/cs/cookiesync/pulsepoint?channeluid=y2aI2Ueo8q3c&ev=1&us_privacy=1---&pid=562983
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(10.0.14)
strict-transport-security
max-age=15768000
s
s.seedtag.com/cs/st/ Frame FD87 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/st/s
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
appnexus
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fappnexus%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2535980227366638075
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2535980227366638075
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
ebb8667c-8921-4aae-ab4e-0b8414819c8b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.seedtag.com/cs/cookiesync/appnexus?channeluid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsmart%3Fchanneluid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr_consent=&us_privacy=1---&nwid=3050&url=https://s.seedtag.com/cs/cookiesync/smart?channeluid=[sas_uid]&cklb=1
  • https://s.seedtag.com/cs/cookiesync/smart?channeluid=990277896830277133
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/smart?channeluid=990277896830277133
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/smart?channeluid=990277896830277133
date
Mon, 04 Sep 2023 02:30:16 GMT
content-length
0
outbrain
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://b1sync.zemanta.com/usersync/seedtag?puid=&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Foutbrain%3Fchanneluid%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64ZOONSWKZDUMFTS4Y3PNUXWG4ZPMNXW623JMVZXS3TDF5XXK5DCOJQWS3R7MNUGC3TOMVWHK2LEHV2EE4LII5GF6U2FM5SEKNSUJJIXAWCVNUTGK6DDNBQW4Z3FHVZWK...
  • https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=tBqhGL_SEgdE6TJQpXUm&gdpr=0&us_privacy=1---
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=tBqhGL_SEgdE6TJQpXUm&gdpr=0&us_privacy=1---
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Content-Type
text/html; charset=utf-8
Location
https://s.seedtag.com/cs/cookiesync/outbrain?channeluid=tBqhGL_SEgdE6TJQpXUm&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
ttd
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=5jrh0rv&ttd_tpi=1&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://s.seedtag.com/cs/cookiesync/ttd?channeluid=3175ac58-0d9d-47aa-b429-d8f42e050f30
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/ttd?channeluid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
205
Bidswitch
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=seedtag&user_id=&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54d10197-cb46-413a-91f9-8e6ea8d9de90&ssp=seedtag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594155179152629092&ssp=seedtag&gdpr=0&gdpr_consent=
  • https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Location
//s.seedtag.com/cs/cookiesync/Bidswitch?channeluid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
partner
sync.search.spotxchange.com/ Frame FD87 		0
0
10.gif
id5-sync.com/c/286/1246/0/ Frame FD87
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Frichaudience%3Fchanneluid%3D%5BPDID%5D
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fcs.seedtag.com%2F
  • https://id5-sync.com/s/286/9.gif?puid=3cef9c40-0887-435c-b965-1zz1693794609&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.richaudience.com%2Fa6c163b098d05a413cd1682e26fae172%2F%3Fuid%3D%7BID5UID%7D
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=id5&cspid=18&cb=&redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F796%2F8%2F2.gif%3Fpuid%3D%24%7BADELPHIC_CUID%7D%26gdpr%3D0%26gdpr_consent...
  • https://id5-sync.com/c/286/796/8/2.gif?puid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&gdpr=0&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F286%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/286/124/7/3.gif?puid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F429%2F6%2F4.gif%3Fpuid%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/286/429/6/4.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/286/2/5/5.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/286/2/5/5.gif?puid=2535980227366638075&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/id5?us_privacy=
  • https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1245%2F3%2F7.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/286/1245/3/7.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F3%2F2%2F8.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/286/3/2/8.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=58&3pid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1242%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/286/1242/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=2535980227366638075&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F286%2F1246%2F0%2F10.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdp...
  • https://id5-sync.com/c/286/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/286/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/286/1246/0/10.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame FD87 		0
0
improvedigital
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1680&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fimprovedigital%3Fchanneluid%3D%7BPUB_USER_ID%7D
  • https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/improvedigital?channeluid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:17 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
indexexchange
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191730&cb=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Findexexchange%3Fchanneluid%3D
  • https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://s.seedtag.com/cs/cookiesync/indexexchange?channeluid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
0
Expires
0
verizon
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58427/occ
  • https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/verizon?channeluid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookie
cm.adform.net/ Frame FD87 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fadform%3Fchanneluid%3D%24UID
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
server
nginx
content-length
43
content-type
image/gif
sovrn
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fsovrn%3Fchanneluid%3D%24UID
  • https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzWZQZHTprevADoQOeL11M1
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://s.seedtag.com/cs/cookiesync/sovrn?channeluid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
openx
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e297ef35-c932-4587-9b44-3838020a33e7&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fopenx%3Fchanneluid%3D%7BOPENX_ID%7D
  • https://s.seedtag.com/cs/cookiesync/openx?channeluid=d45c1b12-73d6-01f0-0ec2-d10ac0d48d5b
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/openx?channeluid=d45c1b12-73d6-01f0-0ec2-d10ac0d48d5b
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://s.seedtag.com/cs/cookiesync/openx?channeluid=d45c1b12-73d6-01f0-0ec2-d10ac0d48d5b
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
yeahmobi
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://event.clientgear.com/cookie/seedtag?partner=seedtag&cookieid=
  • https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkd002e9cdf4304d528c3cc18839fc8eac
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkd002e9cdf4304d528c3cc18839fc8eac
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/yeahmobi?channeluid=mkd002e9cdf4304d528c3cc18839fc8eac
date
Mon, 04 Sep 2023 02:30:17 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
rtbhouse
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=seedtag
  • https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=BfCE3hDnG2SOJFTOP3fi&pi=seedtag
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=BfCE3hDnG2SOJFTOP3fi&pi=seedtag
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

location
https://s.seedtag.com/cs/cookiesync/rtbhouse?channeluid=BfCE3hDnG2SOJFTOP3fi&pi=seedtag
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT, Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
opera
s.seedtag.com/cs/cookiesync/ Frame FD87
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub9283744565120
  • https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU641abfc9db6847f0ab54e557609fb367
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU641abfc9db6847f0ab54e557609fb367
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs.seedtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://s.seedtag.com/cs/cookiesync/opera?channeluid=OPU641abfc9db6847f0ab54e557609fb367
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
111
expires
Mon, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame D57D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e41e7122-527b-422a-9179-0dca1a6ecede&ssp=gumgum2&expires=30&user_group=5&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame D57D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=0&gdpr_consent=$CONSNT_S...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Cache-Control
no-cache
X-TraceId
705e587110655dbd43631c52e76f320c
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:19 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame D57D
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:16 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame D57D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:17 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame D57D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Date
Mon, 04 Sep 2023 02:30:17 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame D57D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
date
Mon, 04 Sep 2023 02:30:16 GMT
content-length
0
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame A5BD 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794618.520985,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
150
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame A5BD 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794618.520951,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
161
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame A5BD 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HDBEPK9GWG5BSJQ2
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PY+BUGo9sS9Scl4xLEA7uKYfuU2+8IYbPrury8/gU8H8gUiLBI+C6PG3SQWcMBj4WESJ2vUMapQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794618.520931,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
48
crum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2535980227366638075
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2535980227366638075
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
a1878d4c-231c-4d97-8815-aaf10ce0f8f4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 2905 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794617563077-309
rum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPVBNgANs6j7wQAb
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPVBNgANs6j7wQAb
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-yyz4529-YYZ
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693794618.684478,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZPVBNgANs6j7wQAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2905
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e5cf3b29-2099-4e63-9375-b14659614e64&expiration=1725417017
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e5cf3b29-2099-4e63-9375-b14659614e64&expiration=1725417017
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=e5cf3b29-2099-4e63-9375-b14659614e64&expiration=1725417017
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Kestrel
Connection
keep-alive
Content-Length
0
rum
dsum.casalemedia.com/ Frame 2905
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=index&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=index&user_id=csonata_fa62105b-1ea0-43c2-a9ed-ad988e2eedd1&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&expires=10&gdpr=&gdpr_consent=&gdpr_pd=
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709519417&external_user_id=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709519417&external_user_id=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1709519417&external_user_id=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
crum
dsum-sec.casalemedia.com/ Frame 2905
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACX7E7J6oIAACoiJc0fIg&expiration=1695004218
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACX7E7J6oIAACoiJc0fIg&expiration=1695004218
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AACX7E7J6oIAACoiJc0fIg&expiration=1695004218
Date
Mon, 04 Sep 2023 02:30:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame 2905 		0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
aUPPjyCg2Oh4CLm-Rqvh_gjwQdqcnYb7Row3VVL4no59hZUS7k8epQ==
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame 6B4A 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794618.537425,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
151
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame 6B4A 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794618.554323,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
162
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame 6B4A 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HDBEPK9GWG5BSJQ2
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PY+BUGo9sS9Scl4xLEA7uKYfuU2+8IYbPrury8/gU8H8gUiLBI+C6PG3SQWcMBj4WESJ2vUMapQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794618.554332,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
49
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame 379D 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1794
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794618.591928,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
152
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame 379D 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1795
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794618.591906,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
163
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame 379D 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HDBEPK9GWG5BSJQ2
age
1793
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PY+BUGo9sS9Scl4xLEA7uKYfuU2+8IYbPrury8/gU8H8gUiLBI+C6PG3SQWcMBj4WESJ2vUMapQ=
x-served-by
cache-yyz4553-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794618.591909,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
50
pixel
cm.g.doubleclick.net/ Frame 5BC4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GyOkDvNbILOEfn7k8SsBcod_ahED2Xw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GyOkDvNbILOEfn7k8SsBcod_ahED2Xw
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GyOkDvNbILOEfn7k8SsBcod_ahED2Xw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 5BC4
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=30810d1ff39922c0&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMWIUKUlshDgMXHDcKAAAAAAA&expiration=1693881017
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMWIUKUlshDgMXHDcKAAAAAAA&expiration=1693881017
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMWIUKUlshDgMXHDcKAAAAAAA&expiration=1693881017
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sync
x.bidswitch.net/ Frame 5BC4 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 5BC4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x58 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:16 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 5BC4 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.90 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
19600bc21eacf9565125744d917cac10
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5BC4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
fa89a94a-1219-41ac-8b05-8be7962e8290
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5BC4 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=jeWzH22lq4QgpCislLJw42R3i6-G1YxvG_HxkdROR-s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame 5BC4 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 5BC4 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=1---&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame 5BC4 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5BC4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:17 GMT
server
Kestrel
content-length
233
setuid
prebid-server.rubiconproject.com/ Frame 5BC4 		0
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=jeWzH22lq4QgpCislLJw42R3i6-G1YxvG_HxkdROR-s
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
hbp_master_270443_610.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 4798 		469 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
92f01ad37baeed3375cf1c566e6ce76412c35d5f7dc91a0e184bf0425518b263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:17 GMT
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 14:28:57 GMT
server
nginx
etag
W/"64f1f529-75577"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_master_270443_610.js
player.spotim.market/prebidlink/aYHHO/ Frame 4798 		202 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
740ca606e9ec2d10fbb5949c135c4c57a347ea9af63ab26e0abff36b8b77279b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:17 GMT
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:15:51 GMT
server
nginx
etag
W/"64f2d317-327d6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
pubads_impl_fy2021.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame 4798 		335 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_fy2021.js?cb=31076165
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
89991823a731f0f5b97dd9b14379eb2a5dae066e9298948165a0e182fdcb5284
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 16:37:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
35586
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
114574
x-xss-protection
0
server
cafe
etag
9095158326383372250
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 16:37:11 GMT
hbp_master_270443_610.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame B3F9 		469 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
92f01ad37baeed3375cf1c566e6ce76412c35d5f7dc91a0e184bf0425518b263

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:17 GMT
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 14:28:57 GMT
server
nginx
etag
W/"64f1f529-75577"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_master_270443_610.js
player.spotim.market/prebidlink/aYHHO/ Frame B3F9 		202 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
740ca606e9ec2d10fbb5949c135c4c57a347ea9af63ab26e0abff36b8b77279b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:17 GMT
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:15:51 GMT
server
nginx
etag
W/"64f2d317-327d6"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame B3F9 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 14:58:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
41498
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 14:58:39 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F270 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
41c7881f4a35791a1d749dd105e5ffcd17ae431632de8ab46eb4a5e3f041a668

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1774
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:17 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
usr.undertone.com/userPixel/ Frame 9A34
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776&khaos=LM49KSCX-B-B1NA
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 82139f26335f87e45d45c08d5208817a.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
7CFmL6eEACAWJ0ov3GTqwJ8EDlQ8rC7rOjr9hVVkcM_4TbHDlmV4uA==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
usersync
usersync.gumgum.com/ Frame F25A
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:17 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame CCFE
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:17 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:17 GMT Mon, 04 Sep 2023 02:30:17 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 5926
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:17 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:17 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame 6995 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:17 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AADA 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/jp?r=https%3A%2F%2Fmatch.justpremium.com%2Fmatch%2Fgg%3Fjp_uid%3Dr-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113%26ex_uid%3D%5BUID%5D&gdpr=0&gdpr_consent=&us_privacy=1---&limit=11
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101350
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:17 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
auction
prebid-server.rubiconproject.com/openrtb2/ 		219 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
8241b0cb4844f15be34ad73a6d0a2d0b814adb57cf78b41575893c1571810b36

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
194
Expires
0
auction
tlx.3lift.com/header/ 		19 B
774 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.40.0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tmax=1000&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.81.115.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-115-164.compute-1.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
accept-ch
sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform
x-auction-status
12, 12
content-type
application/json; charset=utf-8
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_728x90_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&refresh=n&divid=skm-boomerang-el-0-1&st=ban&boom_inj_rule=7bde5d07-5c70-499e-add7-51922da1d092&inview=false&loc=5&impuuid=6471d88a-bf1e-4aef-ab80-51253c266722&inst=5&stinst=1&optimera=Z%2C0.28&id=fc2b2809-4aca-11ee-b76b-0e5bb606f9c9&vw=40%2C50%2C60&grm=40%2C50%2C60&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
53aee69150744d6dafea038662cad29863bd32a32d544eb340f9b0d04b88cc33

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x250_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&refresh=n&divid=skm-ad-flexrec-2&st=flxrec&inview=false&loc=7&impuuid=0d83be41-84cd-4bdc-94e7-ccc5541e065b&inst=6&stinst=3&optimera=Z%2C0.16&id=fc2b280a-4aca-11ee-b76b-0e5bb606f9c9&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
0f8195fabbf2fdf81927e06f29d3baeba287a15306a82bb32bc7f6b0613f93ed

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
122 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969dbd0174740d3eaf131aeb360934&pos=affiliates_300x600_desktop&cmd=bid&pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&addir=bh%2F41%2F412%2F412983%2F2498530&site=shefinds&domain=shefinds.com&urlhash=2907093993&section=collections&directory=walmart-packaging-change&plat=desk&pt=-&schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&browser=Chrome&pageview=1&admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&adt=veryLow&alc=veryLow&dlm=veryLow&drg=veryLow&hat=veryLow&off=veryLow&vio=veryLow&ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&fr=true&permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&refresh=n&divid=skm-ad-flexrec-2&st=flxrec&inview=false&loc=7&impuuid=0d83be41-84cd-4bdc-94e7-ccc5541e065b&inst=6&stinst=3&optimera=Z%2C0.16&id=fc2b280a-4aca-11ee-b76b-0e5bb606f9c9&vw=40%2C50%2C60%2C70&grm=40%2C50%2C60%2C70&pub=40&vertical=articles&vertical1=articles&eidadserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&secure=1&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
0540e82ba86f827c4fc327b9abefd064c5bf3cf267492a31d1ea1afdcb8966c2

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
content-length
80
imp
g2.gumgum.com/hbid/ 		1 KB
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794617671&to=600&aun=skm-boomerang-el-0-1&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fbanner%2Fskm-boomerang-el-0-1&pv=6028884e-7106-4d9d-961a-f3c48e9d6499&fp=0.05&fpc=USD&maxw=728&maxh=90&si=55609&pi=3&bf=728x90&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3428dd086f6858edd281c51b588efd570c709d81a72bc773dcb3f4ad996428bc

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794617672&to=600&aun=skm-ad-flexrec-2&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-2&pv=6028884e-7106-4d9d-961a-f3c48e9d6499&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55603&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3428dd086f6858edd281c51b588efd570c709d81a72bc773dcb3f4ad996428bc

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		1 KB
992 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1693794617672&to=600&aun=skm-ad-flexrec-2&tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-2&pv=6028884e-7106-4d9d-961a-f3c48e9d6499&fp=0.05&fpc=USD&maxw=300&maxh=600&si=55604&pi=3&bf=300x250%2C300x600&uspConsent=1---&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%227.40.0%22%7D&ogu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ns=10240
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.91.172 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-91-172.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3428dd086f6858edd281c51b588efd570c709d81a72bc773dcb3f4ad996428bc

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
hb
hb.undertone.com/ 		0
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=1322&domain=shefinds.com&ccpa=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-63.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
via
1.1 820b14719bf91dbc846cab9728bc3fe6.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.shefinds.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
230
x-amz-cf-id
5SVSQd0D6JVU4U4kCQjXCDLKo940x5ofCc0N5vhfNcjjHrRpocHskg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=211441
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62cad5993e48a34ea31faa5e445210469b38748e69b4f49ec166057096ee117a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGh%2BmvyzkpmvnULtBYtaK49Fg5Jw02gsNB9V%2Fk2PDnZ7FdLH4taxmmJMrb6fLL0JZtCkcME6JccThjJ36A5WD2GLpquXbzjQi1vgyeF22E%2FHI5bRoFFW9H2qoLptz8C655GhOjA2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf489ca03a09-YYZ
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
bid
ap.lijit.com/rtb/ 		25 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b30c758d4aa3e073432f79d12e3d96dccf4f13910d23ca320966e20d31e5da16

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
bid
s.seedtag.com/c/hb/ 		11 B
32 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/c/hb/bid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
server
openresty
etag
W/"b-OSzRjQUfcriHUprCmY2lR0nxM48"
vary
X-HTTP-Method-Override
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
11
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
c
prebid.a-mo.net/a/ 		999 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
94b68157858c369d59cdd46c1f86b553316db7417f0aa0778e4b60604285c416

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
98
content-length
486
shemedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/shemedia
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
cdb
bidder.criteo.com/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=135&profileId=185&av=35&wv=7.40.0&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cb=16815434649
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
641bd00a99da7ed50fbaec026ed097d7bb52197281974e6ab0904dc1af8ef3d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
1023 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_v.permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.refresh=n&tg_i.batch=2&tg_i.permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.divid=skm-boomerang-el-0-1%2Cskm-boomerang-el-0-1&tg_i.st=ban%2Cban&tg_i.boom_inj_rule=7bde5d07-5c70-499e-add7-51922da1d092%2C7bde5d07-5c70-499e-add7-51922da1d092&tg_i.inview=false%2Cfalse&tg_i.loc=5%2C5&tg_i.impuuid=6471d88a-bf1e-4aef-ab80-51253c266722%2C6471d88a-bf1e-4aef-ab80-51253c266722&tg_i.inst=5%2C5&tg_i.stinst=1%2C1&tg_i.optimera=Z%2C0.28%2CZ%2C0.28&tg_i.id=fc2b2809-4aca-11ee-b76b-0e5bb606f9c9%2Cfc2b2809-4aca-11ee-b76b-0e5bb606f9c9&tg_i.vw=40%2C50%2C60%2C40%2C50%2C60&tg_i.grm=40%2C50%2C60%2C40%2C50%2C60&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fbanner%2Fskm-boomerang-el-0-1&tk_flint=pbjs_lite_v7.40.0&x_source.tid=98a97c1f-7f16-425d-9c70-1f8c7d43633a&l_pb_bid_id=1655375d77448f0c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fbanner%2Fskm-boomerang-el-0-1&slots=1&rand=0.6082926314821238
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2fb591dccde8db3af12e07ec58f971e49882e9e266d05ad4afa56eed1e50b522

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
965
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		2 KB
1006 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&alt_size_ids=10&us_privacy=1---&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_v.permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com%2Cshefinds.com&tg_i.pvuuid=65e90d9a-880c-4922-8429-737d1e8accef&tg_i.addir=bh%2F41%2F412%2F412983%2F2498530&tg_i.site=shefinds&tg_i.urlhash=2907093993&tg_i.section=collections&tg_i.directory=walmart-packaging-change&tg_i.plat=desk&tg_i.pt=-&tg_i.schainv10=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&tg_i.browser=Chrome&tg_i.pageview=1&tg_i.admants=S_10087%2CS_10271%2CS_10955%2CS_11587%2CS_12403%2CS_12404%2CS_12747%2CS_4284%2CS_4288%2CS_4289%2CS_4304%2CS_4317%2CS_4359%2CS_5276%2CS_6202%2CS_6310%2CS_6650%2CS_6654%2CS_6655%2CS_6766%2CS_6768%2CS_6911%2CS_7077%2CS_8531%2CS_9094&tg_i.adt=veryLow&tg_i.alc=veryLow&tg_i.dlm=veryLow&tg_i.drg=veryLow&tg_i.hat=veryLow&tg_i.off=veryLow&tg_i.vio=veryLow&tg_i.ias-kw=IAS_1506123_PG%2CIAS_3007008_PG%2CIAS_1500690_PG%2CIAS_1500154_PG%2CIAS_1500161_PG%2CIAS_8285_KW%2CIAS_13037_KW%2CIAS_5678_KW%2CIAS_1500092_PG%2CIAS_1500085_PG&tg_i.fr=true&tg_i.refresh=n&tg_i.batch=2&tg_i.permutive=21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.divid=skm-ad-flexrec-2%2Cskm-ad-flexrec-2&tg_i.st=flxrec%2Cflxrec&tg_i.inview=false%2Cfalse&tg_i.loc=7%2C7&tg_i.impuuid=0d83be41-84cd-4bdc-94e7-ccc5541e065b%2C0d83be41-84cd-4bdc-94e7-ccc5541e065b&tg_i.inst=6%2C6&tg_i.stinst=3%2C3&tg_i.optimera=Z%2C0.16%2CZ%2C0.16&tg_i.id=fc2b280a-4aca-11ee-b76b-0e5bb606f9c9%2Cfc2b280a-4aca-11ee-b76b-0e5bb606f9c9&tg_i.vw=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.grm=40%2C50%2C60%2C70%2C40%2C50%2C60%2C70&tg_i.pub=40%2C40&tg_i.vertical=articles%2Carticles&tg_i.vertical1=articles%2Carticles&tg_i.bidtype=pre&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-2&tk_flint=pbjs_lite_v7.40.0&x_source.tid=8edd743d-fc0e-412e-91a3-104405a3d952&l_pb_bid_id=166c4f23dbc4e77d&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-2&slots=1&rand=0.14368779421391942
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
dd9bd2593bf28a139efc9398ec65ba300fa4132baa4d5b95123427a9cf3913fa

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
948
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
ad332b2b-934a-4e48-beca-a02a0ccc3b8c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
krk.kargo.com/api/v2/ 		2 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22345ecc47-20e8-461b-9c5f-0b1a2c3b56b1%22%2C%22requestCount%22%3A1%2C%22timeout%22%3A1000%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1693794617691%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22171b96e758f28866%22%3A%22_ywYyfUetzl%22%7D%2C%22bidSizes%22%3A%7B%22171b96e758f28866%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_ywYyfUetzl%22%7D%2C%22auctionId%22%3A%22acfa8100-2925-4ee7-971a-275c3bf4b9bf%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22divid%22%3A%5B%22skm-ad-flexrec-2%22%5D%2C%22st%22%3A%5B%22flxrec%22%5D%2C%22inview%22%3A%5B%22false%22%5D%2C%22loc%22%3A%5B%227%22%5D%2C%22impuuid%22%3A%5B%220d83be41-84cd-4bdc-94e7-ccc5541e065b%22%5D%2C%22inst%22%3A%5B%226%22%5D%2C%22stinst%22%3A%5B%223%22%5D%2C%22optimera%22%3A%5B%22Z%22%2C%220.16%22%5D%2C%22id%22%3A%5B%22fc2b280a-4aca-11ee-b76b-0e5bb606f9c9%22%5D%2C%22vw%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22grm%22%3A%5B%2240%22%2C%2250%22%2C%2260%22%2C%2270%22%5D%2C%22pub%22%3A%5B%2240%22%5D%2C%22vertical%22%3A%5B%22articles%22%5D%2C%22vertical1%22%3A%5B%22articles%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-2%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Farticles%2Fflexrec%2Fskm-ad-flexrec-2%22%2C%22tid%22%3A%228edd743d-fc0e-412e-91a3-104405a3d952%22%7D%7D%2C%22mediaTypes%22%3A%7B%22banner%22%3A%7B%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%7D%7D%2C%22adUnitCode%22%3A%22skm-ad-flexrec-2%22%2C%22transactionId%22%3A%228edd743d-fc0e-412e-91a3-104405a3d952%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%2C%5B300%2C600%5D%5D%2C%22bidId%22%3A%22171b96e758f28866%22%2C%22bidderRequestId%22%3A%22170815d2431947c%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%2C0%2C0.20000076293945312%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%2C0.20000076293945312%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%2C1.2000007629394531%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22userId.callbacks.pending%22%3A%5B5441%5D%2C%22requestBids.usp%22%3A0.09999847412109375%2C%22requestBids.priceFloors%22%3A0.3000030517578125%2C%22requestBids.userId%22%3A0.2999992370605469%2C%22requestBids.rtd%22%3A137%2C%22requestBids.validate%22%3A0.5999984741210938%2C%22requestBids.makeRequests%22%3A10.099998474121094%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22refresh%22%3A%5B%22n%22%5D%2C%22batch%22%3A%5B%222%22%5D%7D%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22permutive%22%3A%5B%2221967%22%2C%2232745%22%2C%2243641%22%2C%2273308%22%2C%2281752%22%2C%2287946%22%2C%2295987%22%2C%2295993%22%2C%2296402%22%2C%2297250%22%2C%22101262%22%2C%22102567%22%2C%22105086%22%2C%22116913%22%2C%22116916%22%2C%22124918%22%2C%22128800%22%2C%22128890%22%2C%22146917%22%2C%22157392%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22prebidVersion%22%3A%227.40.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.147.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-147-220.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
505
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
cs
cs.yellowblue.io/ Frame DF0D
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=rise_engage&khaos=LM49KSCX-B-B1NA
  • https://cs.yellowblue.io/cs?aid=11590&id=LM49KSCX-B-B1NA
0
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11590&id=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=rise_engage&endpoint=us-east
Protocol
H2
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cs.yellowblue.io/cs?aid=11590&id=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%2B-%2BBanner%26ttl%3D720%26uid%3D75d56568a11564bfb79a01d2f...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_c...
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
64b7e70c-8655-4eaf-be61-b412ad51c4cd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP+-+Banner&ttl=720&uid=75d56568a11564bfb79a01d2fa9fdb29&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DXandr%2B%25E2%2580%2593%2BInvest%2BDSP%26ttl%3D720%26uid%3D48d5713d5c563cba2049f505b2d944b6%26vis...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
49 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
an-x-request-uuid
16ff9485-635b-4df9-9338-a5c03b0ed2b7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=Xandr+%E2%80%93+Invest+DSP&ttl=720&uid=48d5713d5c563cba2049f505b2d944b6&visitor=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ayl_pixel
api-2-0.spot.im/pixels/ Frame EECB 		0
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api-2-0.spot.im/pixels/ayl_pixel?ayl_id=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-amz-cf-id
1ZNC0amM2TOvAZPrl-PLj5GAfnOCzQb9omcAmOJ6XrRU26V6jJjieg==
x-cache
Miss from cloudfront
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=adyoulike&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=adyoulike&gdpr=0&user_id=zyBPIM0lGiXUcBx0wXYEIMtwHSzUIBF0zyaIV7q5
  • https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=54d10197-cb46-413a-91f9-8e6ea8d9de90&name=BIDSWITCH&gdpr=0&gdpr_consent=
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=54d10197-cb46-413a-91f9-8e6ea8d9de90&name=BIDSWITCH&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Location
//visitor.omnitagjs.com/visitor/sync?uid=2a62ca3297af454b8f19eb7922ed945f&visitor=54d10197-cb46-413a-91f9-8e6ea8d9de90&name=BIDSWITCH&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:30:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=adyoulike&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=BfCE3hDnG2SOJFTOP3fi&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=BfCE3hDnG2SOJFTOP3fi&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=094e13e3a08b6f25e4d4f7b1fba0b26b&visitor=BfCE3hDnG2SOJFTOP3fi&name=RTB_HOUSE&pi=adyoulike&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT, Mon, 04 Sep 2023 02:30:18 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=k2j3gqp&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=3175ac58-0d9d-47aa-b429-d8f42e050f30&name=THE_TRADE_DESK
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=3175ac58-0d9d-47aa-b429-d8f42e050f30&name=THE_TRADE_DESK
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=8122fdac60517b1efe1389612f3dfb34&visitor=3175ac58-0d9d-47aa-b429-d8f42e050f30&name=THE_TRADE_DESK
date
Mon, 04 Sep 2023 02:30:18 GMT
server
Kestrel
content-length
319
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=openrtb&zoneCode=openrtb_adyoulike&redirect=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSMILE_WANTED%26ttl%3D720%26uid%3De77031af...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=de826e317f70a0b3dfe489aa3aeab830&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=de826e317f70a0b3dfe489aa3aeab830&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=SMILE_WANTED&ttl=720&uid=e77031af9e62c4ae76bee5b9517c4ef4&visitor=de826e317f70a0b3dfe489aa3aeab830&gdpr=0&gdpr_consent=
access-control-allow-credentials
true
cf-ray
8012cf4c5b6139ff-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/aul
  • https://match.prod.bidr.io/cookie-sync/aul?_bee_ppp=1
  • https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACX7E7J6oIAACoiJc0fIg&name=BEESWAX
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACX7E7J6oIAACoiJc0fIg&name=BEESWAX
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=25295ec01618ddaad37302ab4dd9c8ac&visitor=AACX7E7J6oIAACoiJc0fIg&name=BEESWAX
Date
Mon, 04 Sep 2023 02:30:18 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/adyoulike/?cb=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DZEMANTA_NATIVE_1_2%26ttl%3D720%26uid%3Df2d9136cf53dede7f83ba16171a37fdd%26visit...
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65TJONUXI33SFV2XGYJQGIXG63LONF2GCZ3KOMXGG33NF53GS43JORXXEL3TPFXGGP3FPBRWQYLOM5ST2YLEPFXXK3DJNNSSMZ3EOBZD2MBGM5SHA4R5GATGOZDQOJPWG...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=tBqhGL_SEgdE6TJQpXUm
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=tBqhGL_SEgdE6TJQpXUm
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Content-Type
text/html; charset=utf-8
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?gdpr=0&gdpr=0&gdpr_consent=&name=ZEMANTA_NATIVE_1_2&ttl=720&uid=f2d9136cf53dede7f83ba16171a37fdd&visitor=tBqhGL_SEgdE6TJQpXUm
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
221
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&pu=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DPUBMATIC%26ttl%3D720%26uid%3D2fe1084ffe44c28350116ec0a0a1c2d1%26visitor%...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0

Redirect headers

location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=PUBMATIC&ttl=720&uid=2fe1084ffe44c28350116ec0a0a1c2d1&visitor=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
216
content-type
text/html; charset=utf-8
/
csync.loopme.me/ Frame EECB 		0
0
adyoulike
sync.adotmob.com/cookie/ Frame EECB 		0
0
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&name=STACKADAPT&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&name=STACKADAPT&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=74a1ec3b61e72925193cfceeea1b0608&visitor=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&name=STACKADAPT&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:30:18 GMT
Connection
keep-alive
Content-Length
217
Content-Type
text/html; charset=utf-8
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5E789729-1E92-41CA-8B4F-987C6EDAE9FE&rurl=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADMIXER%26ttl%3D720%26uid%3D0f4b0fcde45fe67...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1882bd9c06394597afd765bbe1527374&gdpr=0&gdpr_consent=
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1882bd9c06394597afd765bbe1527374&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=ADMIXER&ttl=720&uid=0f4b0fcde45fe67019618f4c5f35f52e&visitor=1882bd9c06394597afd765bbe1527374&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
0
X-Xss-Protection
0
pixel
ap.lijit.com/ Frame EECB 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Sep 2023 02:30:18 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
visitor-usa02.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://jadserve.postrelease.com/suid/101967?ntv_r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DNATIVO%26ttl%3D720%26uid%3D0544850a0778385701c6899403bef718%26visitor%3DNTV_US...
  • https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=2abeedff-f0d9-4697-a17f-9a9623ab22db&gdpr=0&gdpr_consent=
49 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=2abeedff-f0d9-4697-a17f-9a9623ab22db&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx/1.12.2
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://visitor-usa02.omnitagjs.com/visitor/sync?name=NATIVO&ttl=720&uid=0544850a0778385701c6899403bef718&visitor=2abeedff-f0d9-4697-a17f-9a9623ab22db&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
expires
Mon, 1 Jan 1990 12:00:00 GMT
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://ads.betweendigital.com/match?bidder_id=44774&callback_url=%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3Dbf39a6af2a15b80f82f7ff725f351919%26visitor%3D%24%7BUSER_ID%7D%26name%3DBETWEEN...
  • https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&name=BETWEENX&gdpr=0&gdpr_consent=
49 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&name=BETWEENX&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

location
https://visitor.omnitagjs.com/visitor/sync?uid=bf39a6af2a15b80f82f7ff725f351919&visitor=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&name=BETWEENX&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
sync
visitor.omnitagjs.com/visitor/ Frame EECB
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=6b2595d5-cf4e-4298-a4ac-bcc34433eaad&secure=1&gdpr=0&gdpr_consent=
  • https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0

Redirect headers

x-servername
Track004-iad
pragma
no-cache
date
Mon, 04 Sep 2023 02:29:41 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://visitor.omnitagjs.com/visitor/sync?uid=6ca9493fd95af83951a8d0b213a77e8d&visitor=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0&name=BIDTELLECT&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}
cache-control
private,no-cache
content-length
315
expires
-1
711333.gif
id.rlcdn.com/ Frame EECB 		42 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://visitor.omnitagjs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 d877346b368e974486e739220882b59e.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
53708
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
aQvGTZL3awwPcIVF23rX-G2aAjXBPjSzJ-yDBKFzlF5m0S2IfVbpoQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=&_it=amazon&partner_id=458
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
1790
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012cf48fe6e4bbd-BUF
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
NZGZF22DA6X55N2Z
age
2073
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012cf48fbe44bc0-BUF
x-amz-id-2
9ODLf4FiT/PvJBsNSuNeBWOIUC7gfUfoqt13l19MRSVAGmrRdWiwS7SqLIJ07AWWdi+jk5XW3ea5Hw3dJfzUpA==
usync.js
eus.rubiconproject.com/ Frame A457 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57923
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0302 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25909190&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
8232d849159012c5c1c3a81c3b1ccdccfc871799d673fbb4fd238f8f2b6b3840

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 04 Sep 2023 02:30:17 GMT
content-length
1973
content-type
text/html; charset=UTF-8
usync.js
eus.rubiconproject.com/ Frame D377 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57923
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 008B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7752 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync.smartadserver.com/rtb/csync/ Frame 008B 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7748 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"0dec18a9648b57994b6d38816a4f0f72:1688378499.997788"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/rtb/csync/ Frame 008B 		157 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7748 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://csync.smartadserver.com/rtb/csync/CookieSync.html?nwid=3050&dcid=3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"e10b5582af97aec7baf13d0edfb2a28d:1688378500.342453"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4237
sca.17.6.2.js
static.adsafeprotected.com/ Frame 42EE 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
WJywXNZhV_Kz_BYF446xqzie2n5f10SC74lCz7K2fEFdhW-q-Zo2og==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=728x90&pubId=15403870&chanId=227445190&placementId=5749486547&pubCreative=138357597360&pubOrder=2876985011&cb=365862287&adsafe_par&impId=f7d00b9b-4aca-11ee-b76d-02210cbb4ca3&custom2=frame2&custom3=s1&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:984e27da-3232-bb44-eb5b-68b1e7d8ea4a,c:naA59B,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-w2gbl,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:679,mot:0,app:0,maw:0,fm:tOQRB8N+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h1%7C1i*.930203%7C1i1%7C1j1%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:956,oid:fb455c4c-4aca-11ee-a1a8-dad5823e31f3,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
app16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame C292 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
PjrqFYYqmy10xKXCjRLEaLd7778ArEGTigDKpOSSGhVVgHxe4lXsXA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=300x250&pubId=15403870&chanId=227445190&placementId=5747529099&pubCreative=138357532778&pubOrder=2876985011&cb=275990459&adsafe_par&impId=f7d00b9c-4aca-11ee-b76d-02210cbb4ca3&custom2=flxrec&custom3=1&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:ff061bdb-df71-a3df-20c9-b0ff12d77dda,c:naA5al,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-q8vm2,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:980.991.300.250,am:i,cc:980.991.300.250,piv:84,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:946,mot:0,app:0,maw:0,fm:tOQRB9o+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h1%7C1i1%7C1i2%7C1j*.930203%7C1j1%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:963,oid:fb7c71c3-4aca-11ee-9dbc-ba8586d99ca9,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
app28.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 33B5 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
tES9szyLBZEKWh0m0Z_vZNrgDEVvOEfXUR1SfwWTMaghkjtKJaADtA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=300x600&pubId=15403870&chanId=227445190&placementId=5749534799&pubCreative=138357940384&pubOrder=2876985011&cb=1908282859&adsafe_par&impId=f7d00b9d-4aca-11ee-b76d-02210cbb4ca3&custom2=flxrec&custom3=2&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:ddfb7c5e-6c0e-080b-2e94-f08d6a291eaf,c:naA5aU,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-7tfgs,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:980.1436.300.600,am:i,cc:980.1436.300.600,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:885,mot:0,app:0,maw:0,fm:tOQRBaX+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k*.930203%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1k*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:901,oid:fbbab33b-4aca-11ee-8dc1-a6c0dded72e2,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
app08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sync.html
s.spotim.market/ Frame AFD0 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:987::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a046f917d0acd052e2ddbbed8888cec164adb8ba3224c9a6244b628cd8063fa8

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://visitor.omnitagjs.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
1055
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:17 GMT
Server
Adtelligent
X-Robots-Tag
noindex
usync.html
eus.rubiconproject.com/ Frame D668
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 8376
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame A644
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 5BA1 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e46e92d366cb4d2141bfa5fc0e3234a8af2131742fb6745fbf1c41806106c260
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1273
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 4D71 		828 B
894 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Requested by
Host: visitor.omnitagjs.com
URL: https://visitor.omnitagjs.com/visitor/isync?uid=513c4e190506981c315d38ccadf488f2&name=SEEDTAG&visitor=&gdpr=0&gdpr_consent_string=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a4eb53d86014ac44f6f609a99b3f46f7a569b43a95a311b5e0335ba71db64f0b

Request headers

Referer
https://visitor.omnitagjs.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
828
content-type
text/html
date
Mon, 04 Sep 2023 02:30:17 GMT
/
onetag-sys.com/match/ Frame CDD1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x14 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=1&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:17 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame CDD1 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
213.19.162.90 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
19600bc21eacf9565125744d917cac10
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame CDD1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
an-x-request-uuid
35cdcb4a-ed09-4f5d-b873-638ac540fef2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CDD1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gy5bfY1WuNgqdiG4wyOoB6vnzz4Juqg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gy5bfY1WuNgqdiG4wyOoB6vnzz4Juqg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4Gy5bfY1WuNgqdiG4wyOoB6vnzz4Juqg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame CDD1
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=6796a90144a622c0&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PraBANuf9qAAAAAAAA&expiration=1693881018
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PraBANuf9qAAAAAAAA&expiration=1693881018
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PraBANuf9qAAAAAAAA&expiration=1693881018
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame CDD1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:18 GMT
server
Kestrel
content-length
233
sync
x.bidswitch.net/ Frame CDD1 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
tap.php
pixel.rubiconproject.com/ Frame CDD1 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=xnuK52ymOF96ofea3dFxZ0Mtz6Jchba8dZ1WPwQuw8Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ssbsync-global.smartadserver.com/api/ Frame CDD1 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
content-length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame CDD1 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:16 GMT
content-length
0
occ
ups.analytics.yahoo.com/ups/58488/ Frame CDD1 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
onetag
s.seedtag.com/cs/cookiesync/ Frame CDD1 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/onetag?a=3&channeluid=xnuK52ymOF96ofea3dFxZ0Mtz6Jchba8dZ1WPwQuw8Y
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75601b04186d260
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
rum
dsum-sec.casalemedia.com/ Frame F270
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3723847017943428256
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3723847017943428256
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3723847017943428256
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum.casalemedia.com/ Frame F270
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&us_privacy=1---
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=3037107703ba22c0&is_secure=true&networkId=19998&version=1&us_privacy=1---
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMo9ZT9AiwcQM-Sd4wAAAAAAA&expiration=1693881018&is_secure=true&us_privacy=1---
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMo9ZT9AiwcQM-Sd4wAAAAAAA&expiration=1693881018&is_secure=true&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAMo9ZT9AiwcQM-Sd4wAAAAAAA&expiration=1693881018&is_secure=true&us_privacy=1---
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame F270
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29&us_privacy=1---
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=640113117700930142&expiration=1695004219
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=640113117700930142&expiration=1695004219
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=640113117700930142&expiration=1695004219
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
rum
r.casalemedia.com/ Frame F270
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&us_privacy=1---
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRFJ0T51WRuDrze5LS%2BehAm3D5xYBXwEqBcy%2FiyJOYApXP8KHmdaZR1I3EFJI64K4jPgTQHCef8ZZ6WP%2BsUB2QyK%2Fa0kPnQlvqXJkpA4sLdO41FiDwkVDrKOebT08Gc5Sd2x"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8012cf5158c33a09-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
crum
dsum.casalemedia.com/ Frame F270
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-servername
Track002-iad
pragma
no-cache
date
Mon, 04 Sep 2023 02:29:41 GMT
strict-transport-security
max-age=31536000;
content-type
text/html; charset=utf-8
location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=b95bf7c1-4d91-4313-8f8b-32bc4da8a5c0
cache-control
private,no-cache
content-length
222
expires
-1
/
csync.loopme.me/ Frame F270 		0
0
dcm
s.amazon-adsystem.com/ Frame F270 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A0TCZMWDTM65X0Z4B96N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F270
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
date
Mon, 04 Sep 2023 02:30:18 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31435
htw-pixel.gif
cdn.indexww.com/ht/ Frame F270 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43882
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf4f8f5036db-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:18 GMT
Portal.html
get.s-onetag.com/underground-sync-portal/ Frame AED1 		85 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
493842
cache-control
max-age=864000
content-length
85
content-type
text/html
date
Tue, 29 Aug 2023 09:19:37 GMT
etag
"131a68f1a3ad405d816af56e04b93481"
last-modified
Mon, 24 Aug 2020 10:07:31 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
x-amz-cf-id
5F3dw-50K9f-OGxm12hQdZKrvrRwqLoV1J-LXcwK_zge6GPfdaKT7A==
x-amz-cf-pop
JFK50-P7
x-amz-version-id
DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu
x-cache
Hit from cloudfront
sca.17.6.2.js
static.adsafeprotected.com/ Frame 951C 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
NrEJ9GeKxzHu0M0jUQxBT1X3_fLTaMJjEFA11BvNg2jN15LiAL7WNQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=300x250&pubId=15403870&chanId=227445190&placementId=5749533821&pubCreative=138357939916&pubOrder=2876985011&cb=1193819157&adsafe_par&impId=f7d00b9e-4aca-11ee-b76d-02210cbb4ca3&custom2=mrec&custom3=1&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:c0a2d7cf-9b5c-af72-607e-9f82787e40fd,c:naA5eZ,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-2vqrn,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:495.3665.300.250,am:i,cc:495.3665.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1018,mot:0,app:0,maw:0,fm:tOQRBc2+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k1%7C1k2%7C1l*.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1l*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1088,oid:fbed82cf-4aca-11ee-85f3-a2e149b2fd62,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
app20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3D2A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 adfcd8d9db57ac29ba98a20a491e750c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377544
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
r_xlF3IobZh0MOTUhlV5Cq7TEkMcgy6G2EgItnCYbaLckuge4nflmA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=970x250&pubId=15403870&chanId=227445190&placementId=5748882211&pubCreative=138357559817&pubOrder=2876985011&cb=1475284485&adsafe_par&impId=f7d00b9a-4aca-11ee-b76d-02210cbb4ca3&custom2=flxban&custom3=1&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:36a09f01-2200-3f12-2021-6c6fbce8b9d7,c:naA5fy,sl:inView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-5pr6g,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1364,mot:0,app:0,maw:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k1%7C1k2%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1383,oid:fb2020e0-4aca-11ee-a561-92047c187344,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
app10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5fz,pingTime:-8,time:1384,type:l,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1384,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B19~100%5D,as:%5B19~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i1%7C1i2%7C1j1%7C1j2%7C1k1%7C1k2%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
AVmanager.js
player.aniview.com/script/6.1/ Frame 48B0 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
08a2fbf551787398b8b831d56201b2f9595ae2819df8149acd5fe50a592428f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv0HuQOD6a6hkg04pYCe7O1_0wjFYm61KKdhdKmPkaSLXvZlDhD3GAGknch9YRN8N2yRSYMqxaypz7OXN21FWgf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130516
last-modified
Sun, 03 Sep 2023 06:24:16 GMT
server
UploadServer
etag
"cf6e07b0fe9b65875d84898a04bedbb3"
vary
Accept-Encoding
x-goog-generation
1693722256381290
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=8kqKHQ==, md5=z24HsP6bZYddhImKBL7bsw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130516
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:18 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 0545 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
08a2fbf551787398b8b831d56201b2f9595ae2819df8149acd5fe50a592428f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv0HuQOD6a6hkg04pYCe7O1_0wjFYm61KKdhdKmPkaSLXvZlDhD3GAGknch9YRN8N2yRSYMqxaypz7OXN21FWgf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130516
last-modified
Sun, 03 Sep 2023 06:24:16 GMT
server
UploadServer
etag
"cf6e07b0fe9b65875d84898a04bedbb3"
vary
Accept-Encoding
x-goog-generation
1693722256381290
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=8kqKHQ==, md5=z24HsP6bZYddhImKBL7bsw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130516
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:18 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA5h4,pingTime:0,time:1417,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1417,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B734~100%5D,as:%5B734~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB8N+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h1%7C1i*.930203%7C1i1%7C1j1%7C1k1%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
bidder.criteo.com/csm/ 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:17 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ 		699 B
801 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c64a48321da0218bad3d29567bb412192058d86906b9356077bee2a281479c8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
usync.js
eus.rubiconproject.com/ Frame 5926 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57922
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 221A 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
idl.js
assets.a-mo.net/js/ Frame E176 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/idl.js?ga=0&gc=&do=www.shefinds.com&e=27&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415
Requested by
Host: assets.a-mo.net
URL: https://assets.a-mo.net/js/cframe.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 bb230469f03d4df9d78eb6119c0e0ccc.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
JFK50-P8
age
506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 27 Jun 2023 16:12:52 GMT
server
cloudflare
etag
W/"a61ed4db59070cd66af981cbd85859ca"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
8012cf4ec9f94bc9-BUF
x-amz-cf-id
zJBMFvF0Esygh6N-R5RXomeeChGeFnpU4BgNCUeKvRsNFofTEq18pg==
expires
Mon, 04 Sep 2023 03:30:18 GMT
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dadaptmx%26expires%3D30%26u...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&ssp=adaptmx&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?bidder=bid_switch&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Location
//prebid.a-mo.net/setuid?bidder=bid_switch&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
yahoo
prebid.a-mo.net/setuid/ Frame E176
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A&gdpr=0
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A&gdpr=0
date
Mon, 04 Sep 2023 02:30:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame E176
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=LM49KSCX-B-B1NA&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LM49KSCX-B-B1NA&gdpr=0&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LM49KSCX-B-B1NA&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Damx_com%26uid%3D
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=amx_com&uid=
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=amx_com&uid=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

date
Mon, 04 Sep 2023 02:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bo6b4oDsx5OJk%2BUSeh%2Fx%2Bz1cE4X33hJNxUcBZUb8Av29UYznmrSwUiXUl6M7iynO%2FFLLWgg0cEXU8KpW%2Fh627Lc97zIt%2BwtYqwLG1skpvCX0qvW9voei6quB83ezE2%2F6Iq8Qym8RHI%2FfgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain;charset=UTF-8
location
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=amx_com&uid=
access-control-allow-origin
*
access-control-allow-credentials
true
cf-ray
8012cf4f6c114bc0-BUF
alt-svc
h3=":443"; ma=86400
content-length
0
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dopenx%26uid%3D%24%7BUID%7D
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=openx&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
0
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=openx&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=openx&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1---&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bid...
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=smartadserver&uid=990277896830277133
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=smartadserver&uid=990277896830277133
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=smartadserver&uid=990277896830277133
date
Mon, 04 Sep 2023 02:30:17 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dpubmatic%26uid%3DA6AD5A3B-67FF-4D43-A...
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dindex_rtb%2...
  • https://prebid.a-mo.net/setuid?us_privacy=1---&A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=index_rtb&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?us_privacy=1---&A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=index_rtb&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?us_privacy=1---&A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=index_rtb&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
prebid.a-mo.net/ Frame E176
Redirect Chain
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3Dc38e02b2-2b01-4a8f-865b-88eb3fbaa415%26bidder%3Dsovrn%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
ib.adnxs.com/prebid/ Frame E176 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&do=www.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
an-x-request-uuid
2eab0aa6-9f2a-4536-88b0-ce0f39ba3169
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame E176 		86 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&do=www.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.105 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
content-length
86
content-type
image/png
setuid
prebid-server.rubiconproject.com/ Frame E176 		86 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&do=www.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58401/sync?redir=true&gdpr=&gdpr_consent=
  • https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-TLHrjt9E2uHrGNyJnrzBHXP9W8baL9Px~A
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-TLHrjt9E2uHrGNyJnrzBHXP9W8baL9Px~A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=yahooAdvertising&uid=y-TLHrjt9E2uHrGNyJnrzBHXP9W8baL9Px~A
date
Mon, 04 Sep 2023 02:30:18 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
visitor.omnitagjs.com/visitor/ Frame 4D71 		49 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9276a8c8d010b77af50144c60047b781&visitor=990277896830277133&name=SMARTADSERVER&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
8
content-length
49
expires
0
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame 4D71
Redirect Chain
  • https://sync.1rx.io/usersync2/smartadserver?gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&rndcb=4444715356
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dadcon...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1882bd9c06394597afd765bbe1527374&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&consent=&gdpr_pd=&expires=7
  • https://sync.1rx.io/usersync/bidswitch/54d10197-cb46-413a-91f9-8e6ea8d9de90?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
/
rtb-csync.smartadserver.com/redir/ Frame 4D71
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D86%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2535980227366638075&gdpr=0&gdpr_consent=
43 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2535980227366638075&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.9 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
an-x-request-uuid
805f786f-0734-4ed7-952b-72788a56fea9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=86&partneruserid=2535980227366638075&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
smart
sync.adotmob.com/cookie/ Frame 4D71 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 4D71
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smart/?cb=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D116%26partneruserid%3D__ZUID__&gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33N...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIWWG43ZNZRS443NMFZHIYLEONSXE5TFOIXGG33NF5ZGKZDJOIXT6ZLYMNUGC3THMU6XG3LBOJ2CMZ3EOBZD2MBGNFZXG2J5GETHAYLSORXGK4TJMQ6TCMJWEZYGC...
  • https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tBqhGL_SEgdE6TJQpXUm
43 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tBqhGL_SEgdE6TJQpXUm
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
216.22.16.9 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:20 GMT
Content-Type
text/html; charset=utf-8
Location
https://rtb-csync.smartadserver.com/redir/?gdpr=0&issi=1&partnerid=116&partneruserid=tBqhGL_SEgdE6TJQpXUm
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
140
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame A30B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:18 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5755
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794617703.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101349
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:18 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:18 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP005
x-33x-status
40000000008200000A
33across
s.seedtag.com/cs/cookiesync/ Frame 3DCB
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693794617703.&ri=0010b00002MptHCAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERI...
  • https://s.seedtag.com/cs/cookiesync/33across?channeluid=212166994878779
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212166994878779
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.seedtag.com/cs/cookiesync/33across?channeluid=212166994878779
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3DCB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&ts=1693794620&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&ts=1693794620&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&ts=1693794620&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3DCB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-lhTm9F9E2uEuM8g8Ex6F.kdclWuL4jf7~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-lhTm9F9E2uEuM8g8Ex6F.kdclWuL4jf7%7EA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-lhTm9F9E2uEuM8g8Ex6F.kdclWuL4jf7%7EA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-lhTm9F9E2uEuM8g8Ex6F.kdclWuL4jf7%7EA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3DCB
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=89feb7554e51487&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAMWIUKUlshVAMJrwaHAAAAAAA&expiration=1693881019&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMWIUKUlshVAMJrwaHAAAAAAA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMWIUKUlshVAMJrwaHAAAAAAA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAMWIUKUlshVAMJrwaHAAAAAAA&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 3DCB
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4187545677285024608258
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4187545677285024608258&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4187545677285024608258&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: hde.tynt.com
URL: https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://hde.tynt.com/deb/?m=xch&rt=html&id=0010b00002MptHCAAZ&ru=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2F33across%3Fchanneluid%3D33XUSERID33X&b=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4187545677285024608258&ts=1693794619&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
pixels
pix.spot.im/api/v1/ 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
via
1.1 8ee187646f657ced7afa83005e9249cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
EclYUeARNHikKDYqnlTWOX8r_0D_05EQYjwg0YcjOk7k7reBzQtZNA==
PugMaster
image6.pubmatic.com/AdServer/ Frame A6F6 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=30288648&p=157743&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ca1ac90fb5d1ac43c040ca306fc9e41aab10aa9cd85dabb82a3a3428a817b30f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:17 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Portal.js
get.s-onetag.com/underground-sync-portal/ Frame AED1 		766 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/underground-sync-portal/Portal.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/underground-sync-portal/Portal.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-103.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://get.s-onetag.com/underground-sync-portal/Portal.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5
date
Fri, 25 Aug 2023 23:54:15 GMT
via
1.1 bef00830ac8715b50c3242c5f64020a4.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 10:07:19 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
786964
etag
"145e495d0d92a3c8fd975bfe5485b72c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=864000
accept-ranges
bytes
content-length
766
x-amz-cf-id
VZyz8PL3_6bzON7ZhEpPJc7KVId5OTD2ujo6FMdqnUHHNI7yhfWw_A==
usync.js
eus.rubiconproject.com/ Frame 8376 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57922
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync.js
eus.rubiconproject.com/ Frame D668 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57922
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync.js
eus.rubiconproject.com/ Frame A644 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:18 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57922
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
async_usersync
ib.adnxs.com/ Frame B541 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
an-x-request-uuid
7b45d369-9e4c-4000-98ac-1a3e135f0303
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5m3,pingTime:0,time:1786,type:pf,im:%7BpBlk:1400%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1786,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B421~100%5D,as:%5B421~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
track.adform.net/Serving/Cookie/ Frame F416 		73 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Cookie/?adfaction=getjs;adfcookname=uid
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
180
expires
-1
usync.html
eus.rubiconproject.com/ Frame 9035
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=publicidad&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:19 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
server
AkamaiGHost
/
onetag-sys.com/usync/ Frame 38A4 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
bccdd7642abcfefe194b6974ba1509cc41ad83ac7e06e7e948ad68d13cfdb8d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.richaudience.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1356
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
/
sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/ Frame F416
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/richaudience&gdpr=0&gdpr_consent=
  • https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AACX7E7J6oIAACoiJc0fIg
95 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AACX7E7J6oIAACoiJc0fIg
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:30:10 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

location
https://sync.richaudience.com/5cabe097b3ebe2daf96e0f4655657171/?uid=AACX7E7J6oIAACoiJc0fIg
Date
Mon, 04 Sep 2023 02:30:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame F416
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HQzWZQZHTprevADoQOeL11M1
95 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:30:10 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
/
sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/ Frame F416
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.richaudience.com%2F1575707c462b6525f008e40ae9438a8b%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=de826e317f70a0b3dfe489aa3aeab830
95 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=de826e317f70a0b3dfe489aa3aeab830
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:30:11 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

date
Mon, 04 Sep 2023 02:30:19 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://sync.richaudience.com/1575707c462b6525f008e40ae9438a8b/?uid=de826e317f70a0b3dfe489aa3aeab830
access-control-allow-credentials
true
cf-ray
8012cf50b97b39ff-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA5nx,pingTime:-2,time:1818,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1750,beZ:1751,mfA:2429,cmA:2431,inA:2432,inZ:2438,prA:2438,prZ:2696,si:2706,poA:2707,poZ:2729,cmZ:2729,mfZ:2729,loA:3249,loZ:3256,ltA:3568,ltZ:3568,mdA:1752,mdZ:1910%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1818,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1135~100%5D,as:%5B1135~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i*.930203%7C1i1%7C1j.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_1,google_ads_iframe_/83521017293/a.shefinds/articles_1__container__,skm-ad-frame2,pmc-atlasmg-adhesion-bar%5D,sinceFw:861,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4012409536050128&correlator=3521277002188602&eid=31077576%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8352%3A1017293%2Ca.shefinds%2Carticles&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%2C300x250%7C300x600%2C1x1&ifi=12&sfv=1-0-40&ists=1&eri=1&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794619010&lmt=1693830476&adxs=436%2C962%2C0&adys=4047%2C7044%2C14956&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=17%7C18%7C19&ucis=9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&vis=1&psz=960x368%7C336x600%7C1600x1200&msz=960x90%7C336x600%7C1600x0&fws=0%2C512%2C0&ohw=0%2C0%2C0&psts=AOrYGsnnC91UF6cTPDsAz6cn3V-SHlGn3D5Akqhf6rV5tTnahYjljdWxOsEsE4sWfznnEANm100uUJW1gA-ulw%2CAOrYGsn2ca7cYZ-6pwtnNQkfzm7eBfBMd8HEvYeyzdoaKsNucKmQEbXrkSF14SDWETQ9qwyaAHmU4Zq291I6eQ%2CAOrYGsnFz0ILjUQz98rxX4Gp3skWgVEHcHqjT9e-Aa76O1KA4JjMc5_dt05qNQ32yDOb31mxgQye7NKc2J-jQA%2CAOrYGsmaVb2McJJsyWjtAcSbJcWNcPCb2m4Xw6FIA7Mq6Uh26XLJ-TFzwHjgxqLDLQ1RVa5vum8F-9kzn9f3GQ%2CAOrYGskmgawm1vxUUtr1_m_exO0xlZ828INxc7i-_BrZ11L13B9jUZvpYHOatXJFLu_Iq-O4SiHHNJv-yKOfHw&ga_vid=1789139906.1693794608&ga_sid=1693794609&ga_hid=373171656&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yqcya8KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnMmvClMUgAUgIIZA..&dlt=1693794606980&idt=1664&ppid=92e47ef3-e5e4-4a9c-b6d4-2eb85344024c&prev_scp=divid%3Dskm-boomerang-el-0-1%26st%3Dban%26boom_inj_rule%3D7bde5d07-5c70-499e-add7-51922da1d092%26inview%3Dfalse%26loc%3D5%26impuuid%3D6471d88a-bf1e-4aef-ab80-51253c266722%26inst%3D5%26stinst%3D1%26optimera%3DZ%2C0.28%26id%3Dfc2b2809-4aca-11ee-b76b-0e5bb606f9c9%26vw%3D40%2C50%2C60%26grm%3D40%2C50%2C60%26amzniid%3DJOJcHYXUN7OG2zSJlkaY6EoAAAGKXgbIpQEAAAxZAQBhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICDVMsOk%26amznp%3D8iyubk%26amznsz%3D728x90%26amznbid%3D4854w0%26boom_cpm%3D0.06%26boom_winner%3Dcriteo_display%26boom_size%3D728x90%7Cdivid%3Dskm-ad-flexrec-2%26st%3Dflxrec%26inview%3Dfalse%26loc%3D7%26impuuid%3D0d83be41-84cd-4bdc-94e7-ccc5541e065b%26inst%3D6%26stinst%3D3%26optimera%3DZ%2C0.16%26id%3Dfc2b280a-4aca-11ee-b76b-0e5bb606f9c9%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40%26amzniid%3D%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%26boom_cpm%3D0.39%26boom_winner%3Dcriteo_display%26boom_size%3D300x250%7Coop%3Dcontent-belt-2%26divid%3Dskm-ad-outstream-test%26st%3Dinlineoop%26inview%3Dtrue%26loc%3D17%26impuuid%3De2e79383-b22a-444a-bcf0-bc215f16825a%26inst%3D7%26stinst%3D1%26id%3Dfc2b280b-4aca-11ee-b76b-0e5bb606f9c9%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&cust_params=permutive%3D21967%252C32745%252C43641%252C73308%252C81752%252C87946%252C95987%252C95993%252C96402%252C97250%252C101262%252C102567%252C105086%252C116913%252C116916%252C124918%252C128800%252C128890%252C146917%252C157392%26puid%3Db10f1680-a6f7-4e6e-8f05-6311e1399ca3%26ptime%3D1693794609682%26pvuuid%3D65e90d9a-880c-4922-8429-737d1e8accef%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D2907093993%26section%3Dcollections%26directory%3Dwalmart-packaging-change%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26admants%3DS_10087%252CS_10271%252CS_10955%252CS_11587%252CS_12403%252CS_12404%252CS_12747%252CS_4284%252CS_4288%252CS_4289%252CS_4304%252CS_4317%252CS_4359%252CS_5276%252CS_6202%252CS_6310%252CS_6650%252CS_6654%252CS_6655%252CS_6766%252CS_6768%252CS_6911%252CS_7077%252CS_8531%252CS_9094%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_3007008_PG%252CIAS_1500690_PG%252CIAS_1500154_PG%252CIAS_1500161_PG%252CIAS_8285_KW%252CIAS_13037_KW%252CIAS_5678_KW%252CIAS_1500092_PG%252CIAS_1500085_PG%26fr%3Dtrue%26prmtvsdk%3Dweb%26refresh%3Dn%26batch%3D2%26boom_session%3D8c0d38a66db0de&adks=2068995355%2C834674591%2C1140019239&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00b7a057f6a881b07c21b3b72ce7ac9ea4548a485c0c8ec59f5f1cf726cd3c8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15598
x-xss-protection
0
google-lineitem-id
5064405287,239329990,5075857870
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138308429214,138297011555,138338077981
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/cri?r=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3dz7j3ZF84U3N5c01mMG1SbnRDdGxsbCUyRm5udmltbnFPZCUyRiUyRmVzUVFXODJ3MTMlMkY1bUklM0Q%26u%3d%24%7b...
  • https://ssp-sync.criteo.com/user-sync/match?p=z7j3ZF84U3N5c01mMG1SbnRDdGxsbCUyRm5udmltbnFPZCUyRiUyRmVzUVFXODJ3MTMlMkY1bUklM0Q&u=AACX7E7J6oIAACoiJc0fIg&us_privacy=1---
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=z7j3ZF84U3N5c01mMG1SbnRDdGxsbCUyRm5udmltbnFPZCUyRiUyRmVzUVFXODJ3MTMlMkY1bUklM0Q&u=AACX7E7J6oIAACoiJc0fIg&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=z7j3ZF84U3N5c01mMG1SbnRDdGxsbCUyRm5udmltbnFPZCUyRiUyRmVzUVFXODJ3MTMlMkY1bUklM0Q&u=AACX7E7J6oIAACoiJc0fIg&us_privacy=1---
Date
Mon, 04 Sep 2023 02:30:19 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=criteo&custom_data=IEkn818lMkI4OEIxVlpTcnNKZ3NVSjVlUDhQYW1kbVZQRCUyRkVUOW5KRkR1WGVKR1VtcyUzRA&gdpr=&gdpr_consent=&us_privacy=1---&cr_user_id=k-IYG5OqXEl1SUKYrT7buHk...
  • https://dis.criteo.com/dis/usersync.aspx?r=25&p=52&dis=0&gdpr=&gdpr_consent=&url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D462%26ssp%3Dcriteo%26user_id%3D%40%40CRITEO_USERID%40%40
  • https://x.bidswitch.net/sync?dsp_id=462&ssp=criteo&user_id=k-IYG5OqXEl1SUKYrT7buHkdkN_1yLDk8DjtbXkA&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
ssp-sync.criteo.com/user-sync/
Redirect Chain
  • https://sync.taboola.com/sg/criteoscod/1/cm?redirect=https%3a%2f%2fssp-sync.criteo.com%2fuser-sync%2fmatch%3fp%3d-zZtcV91WGZlb2klMkZxUkVrYjJKWU12WDhyeEV1VldidGtod2tnc3FxeFdmNUJuYjglM0Q%26u%3d%3cTUI...
  • https://ssp-sync.criteo.com/user-sync/match?p=-zZtcV91WGZlb2klMkZxUkVrYjJKWU12WDhyeEV1VldidGtod2tnc3FxeFdmNUJuYjglM0Q&u=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=-zZtcV91WGZlb2klMkZxUkVrYjJKWU12WDhyeEV1VldidGtod2tnc3FxeFdmNUJuYjglM0Q&u=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

location
https://ssp-sync.criteo.com/user-sync/match?p=-zZtcV91WGZlb2klMkZxUkVrYjJKWU12WDhyeEV1VldidGtod2tnc3FxeFdmNUJuYjglM0Q&u=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
date
Mon, 04 Sep 2023 02:30:19 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
31661
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ff061bdb-df71-a3df-20c9-b0ff12d77dda&tv=%7Bc:naA5ot,pingTime:-2,time:1839,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1425,beZ:1427,mfA:2371,cmA:2371,inA:2371,inZ:2373,prA:2373,prZ:2384,si:2388,poA:2389,poZ:2406,cmZ:2406,mfZ:2406,loA:2910,loZ:2914,ltA:3264,ltZ:3264,mdA:1428,mdZ:1577%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:84,vs:i,r:,w:300,h:250,t:963%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1839,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:963,wc:0.0.1600.1200,ac:980.991.300.250,am:i,cc:980.991.300.250,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B892~75%5D,as:%5B892~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j*.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1j*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:963,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_2,google_ads_iframe_/83521017293/a.shefinds/articles_2__container__,skm-ad-flexrec-1,content,container%5D,sinceFw:875,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ddfb7c5e-6c0e-080b-2e94-f08d6a291eaf&tv=%7Bc:naA5ox,pingTime:-2,time:1746,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1114,beZ:1115,mfA:1999,cmA:2000,inA:2000,inZ:2002,prA:2002,prZ:2012,si:2015,poA:2016,poZ:2032,cmZ:2032,mfZ:2032,loA:2512,loZ:2515,ltA:2860,ltZ:2860,mdA:1116,mdZ:1183%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:600,t:901%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1746,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:901,wc:0.0.1600.1200,ac:980.1436.300.600,am:i,cc:980.1436.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B860~0%5D,as:%5B860~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k*.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1k*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:901,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_3,google_ads_iframe_/83521017293/a.shefinds/articles_3__container__,skm-ad-flexrec-rightrail,content,container%5D,sinceFw:844,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel
cm.g.doubleclick.net/ Frame 5BA1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GzsXWh__G3ZH7KqlEtWd0jRGUPN_iyg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GzsXWh__G3ZH7KqlEtWd0jRGUPN_iyg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GzsXWh__G3ZH7KqlEtWd0jRGUPN_iyg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=740a5fe3f72f1487&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwlwMbGeayAAAAAAA&expiration=1693881019
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwlwMbGeayAAAAAAA&expiration=1693881019
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9AiwlwMbGeayAAAAAAA&expiration=1693881019
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x58 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:18 GMT
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19600bc21eacf9565125744d917cac10
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 5BA1 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=PwfHdyU0ZcLOOGtQfSftrVZzAMZEcisJMrNaJBITPSM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:19 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 5BA1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050723370043128&expires=30&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sync
visitor.omnitagjs.com/visitor/ Frame 5BA1 		49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=f04f5c55f88ffea7a3ce5b2d908a6e71&visitor=PwfHdyU0ZcLOOGtQfSftrVZzAMZEcisJMrNaJBITPSM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a07370227fc000&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:18 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
usync.js
eus.rubiconproject.com/ Frame A30B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57921
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c0a2d7cf-9b5c-af72-607e-9f82787e40fd&tv=%7Bc:naA5pv,pingTime:-2,time:1739,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:849,beZ:850,mfA:1867,cmA:1868,inA:1868,inZ:1870,prA:1870,prZ:1929,si:1937,poA:1937,poZ:1951,cmZ:1951,mfZ:1951,loA:2369,loZ:2372,ltA:2588,ltZ:2588,mdA:851,mdZ:892%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:1087%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1739,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1087,wc:0.0.1600.1200,ac:495.3665.300.250,am:i,cc:495.3665.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B720~0%5D,as:%5B720~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l*.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1l*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1088,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_4,google_ads_iframe_/83521017293/a.shefinds/articles_4__container__,skm-ad-medrec-03,sf-editorial-col,content,container%5D,sinceFw:651,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-sys.com/usync/ Frame B28B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
4dc1b30a52048cc64f0885815a16e9b7929f833a01347a293a7f8a7f9727933b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1065
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 693E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101348
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:19 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 5F2A
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D644680%26extuid%3D%24UID&gdpr=0&gdpr_consent=
  • https://sync.spotim.market/csync?t=a&ep=644680&extuid=4187545677285024608258
43 B
455 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=644680&extuid=4187545677285024608258
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://s.spotim.market/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:18 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:19 GMT
location
https://sync.spotim.market/csync?t=a&ep=644680&extuid=4187545677285024608258
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame AFD0
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&rndcb=8966190251
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&google_hm=NTRkMTAxOTctY2I0Ni00MTNhLTkxZjktOGU2ZWE4ZDlk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYFTk1BEPH6BrhXKezk8Gc&google_cver=1&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://sync.1rx.io/usersync/bidswitch/54d10197-cb46-413a-91f9-8e6ea8d9de90?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
csync
sync.spotim.market/ Frame AFD0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D482928%26extuid%3D%24%7BUID%7D
  • https://sync.spotim.market/csync?t=a&ep=482928&extuid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=482928&extuid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://sync.spotim.market/csync?t=a&ep=482928&extuid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121
sync
visitor.omnitagjs.com/visitor/ Frame AFD0
Redirect Chain
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Fredir%3Dhttps%253A%252F%252Fvisitor.omnitagjs.com%252Fvisitor%252Fsync%253Fuid%253D9f93135e824096b627ff609f5cdee636...
  • https://sync.spotim.market/csync?redir=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D9f93135e824096b627ff609f5cdee636%26visitor%3D%7Buid%7D%26name%3DOPENWEB
  • https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=afb42d02c4c3c298&name=OPENWEB
49 B
178 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=afb42d02c4c3c298&name=OPENWEB
Requested by
Host: s.spotim.market
URL: https://s.spotim.market/sync.html?aid=750078&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s.spotim.market/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0

Redirect headers

Location
https://visitor.omnitagjs.com/visitor/sync?uid=9f93135e824096b627ff609f5cdee636&visitor=afb42d02c4c3c298&name=OPENWEB
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5pG,pingTime:-2,time:2011,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2080,beZ:2082,mfA:3445,cmA:3445,inA:3445,inZ:3448,prA:3448,prZ:3460,si:3464,poA:3469,bl:3481,poZ:3481,cmZ:3481,mfZ:3481,loA:3881,loZ:3884,ltA:4091,ltZ:4091,mdA:2083,mdZ:2267%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2011,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B646~100%5D,as:%5B646~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_0,google_ads_iframe_/83521017293/a.shefinds/articles_0__container__,skm-ad-flexbanner,container%5D,sinceFw:623,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
optoutstatus.html
ads.shemedia.com/static/ Frame 83AB 		748 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1795
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
169
x-served-by
cache-yyz4583-YYZ
x-timer
S1693794619.138573,VS0,VE0
config.json
player.adtelligent.com/exchange_rates/279896/ Frame 4798 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Sep 2023 02:30:19 GMT
date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 12:02:23 GMT
server
nginx
etag
W/"64f3244f-857"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=172800
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 4798 		248 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:16:41 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
819
x-amz-server-side-encryption
AES256
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
1bdjhVZtr9TPKfsm9SMcBEEjLKmtnSC2rMYv_3rXRKPAytT-P2waQw==
grumi.js
rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/ Frame 4798 		408 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b94a7ac6e5f81b1cf433b5c82e5c06748ee00d8b8ad5bedd1b8f38d4a05109ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:24 GMT
x-amz-version-id
4nOL.y8Pceq2zUiV6E2N7Dwqza7kNnBA
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:24:23 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"74b975b15fcc799af45cf150186365d3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2036
x-amz-cf-id
PU9JOZ-_K0ge-Bvi15nYKCHCbDmzPvc17Vw8lAlE3SUFQkceU5XDZQ==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 4798 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
gX70kDBwIFvRK6eYdKlVyfGL2wxylpWg
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:23 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"b46160acc37e84b67938a57a16580cfc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2038
x-amz-cf-id
YvJjiohBzlZNVXZzj5I_HBjySpMUxJQey4RRNK4Q9_tNA-_g6s4cwQ==
optoutstatus.html
ads.shemedia.com/static/ Frame 7BA1 		748 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1795
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
170
x-served-by
cache-yyz4583-YYZ
x-timer
S1693794619.202510,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame 11E9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDWDdFN0o2b0lBQUNvaUpjMGZJZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Csyn%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AACX7E7J6oIAACoiJc0fIg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AACX7E7J6oIAACoiJc0fIg&pid=558502&do=add&gd...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AACX7E7J6oIAACoiJc0fIg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=990277896830277133&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AACX7E7J6oIAACoiJc0fIg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D990277896830277133%26gdpr%3D0%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=990277896830277133&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=4
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACX7E7J6oIAACoiJc0fIg&gdpr=0&gdpr_consent=
42 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACX7E7J6oIAACoiJc0fIg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACX7E7J6oIAACoiJc0fIg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame E6F3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2535980227366638075&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2535980227366638075&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
2588a3a7-26d3-478b-a4a2-8a6b43567905
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2535980227366638075&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 5EE5
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=fae2f914-4aca-11ee-872e-d4bc0acdf791
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=fae2f914-4aca-11ee-872e-d4bc0acdf791
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 21:20:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:19 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=fae2f914-4aca-11ee-872e-d4bc0acdf791
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-9
Pug
image2.pubmatic.com/AdServer/ Frame EEFA
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_a1f61cad865644a2aaed7
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_a1f61cad865644a2aaed7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_a1f61cad865644a2aaed7
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
image2.pubmatic.com/AdServer/ Frame D43B
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g
42 B
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:19 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame DE93 		85 B
259 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4529-YYZ
x-timer
S1693794619.252014,VS0,VE21
Pug
simage2.pubmatic.com/AdServer/ Frame 81EF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 21:21:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:19 GMT
expires
Mon, 04 Sep 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
640556
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
usersync
usersync.gumgum.com/ Frame 9D68 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:19 GMT
Expires
0
Pragma
no-cache
insync
thrtle.com/ Frame 0302
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Server
52.201.153.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-153-89.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 04 Sep 2023 02:30:19 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vxii_pid=12&vxii_pid1=10067&vxii_rcid=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
date
Mon, 04 Sep 2023 02:30:19 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 0302 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 0302 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.92.247.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-92-247-49.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 0302 		0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:19 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0302
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://a.clickcertain.com/px/img/bidswitch/?bidswitch_ssp_id=pubmatic&bs_uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://a.usbrowserspeed.com/cs?puid=8cf2afd4-acd3-5c6c-965d-fa96a0f1449a&pid=lc&r=https%3a%2f%2fmatch%2eprod%2ebidr%2eio%2fcookie%2dsync%2ffivebyfive%3fr%3dhttps%253a%252f%252fa%252eclickcertain%2...
  • https://match.prod.bidr.io/cookie-sync/fivebyfive?r=https%3a%2f%2fa%2eclickcertain%2ecom%2fpx%2fimg%2fbidswitch%2f%3fdone%3dtrue%26bidswitch_ssp_id%3dpubmatic
  • https://a.usbrowserspeed.com/cs?puid=AACX7E7J6oIAACoiJc0fIg&pid=beeswax&r=https%3A%2F%2Fa.clickcertain.com%2Fpx%2Fimg%2Fbidswitch%2F%3Fdone%3Dtrue%26bidswitch_ssp_id%3Dpubmatic
  • https://a.clickcertain.com/px/img/bidswitch/?done=true&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=179&user_id=01940ca9-0576-4940-949a-9d054abfc25a&expires=5&user_group=0&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&gdpr_pd=
1 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:23 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 0302 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=gg_n-index_n-minuteMedia_bf_rx_n-acuityads_n-MediaNet_ox-db5_smrt_cnv_n-smaato_n-undertone_n-onetag_pm-db5_n-simpli.fi_ym_rbd_ppt_n-vmg_an-db5_sovrn_n-Rise_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
sn.ashx
pmp.mxptint.net/ Frame 0302
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R35CA5_10874D1AA_4C1A5CCE&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
0
0
optoutstatus.html
ads.shemedia.com/static/ Frame D3A4 		748 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1795
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
171
x-served-by
cache-yyz4583-YYZ
x-timer
S1693794619.270674,VS0,VE0
config.json
player.adtelligent.com/exchange_rates/279896/ Frame B3F9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Sep 2023 02:30:19 GMT
date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 12:02:23 GMT
server
nginx
etag
W/"64f3244f-857"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=172800
x-proxy-cache
HIT
apstag.js
c.amazon-adsystem.com/aax2/ Frame B3F9 		248 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:16:41 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 84eb14fd35e56c52f969c1decfba148c.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
819
x-amz-server-side-encryption
AES256
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
rNJhWmCjlKRH6S4hEdq708PkeGXGLnRrZCnpJ_FGtH50AbCeYaLs6Q==
grumi.js
rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/ Frame B3F9 		408 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/463c39d7-695c-451b-8ebb-54947d02d3d2/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b94a7ac6e5f81b1cf433b5c82e5c06748ee00d8b8ad5bedd1b8f38d4a05109ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:24 GMT
x-amz-version-id
4nOL.y8Pceq2zUiV6E2N7Dwqza7kNnBA
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:24:23 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"74b975b15fcc799af45cf150186365d3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2036
x-amz-cf-id
VNr1vxWIJbyv-SHZEFbExnJtp4ep0NQgxGhfOMogTFMHEQ51t8qtIg==
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame B3F9 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
gX70kDBwIFvRK6eYdKlVyfGL2wxylpWg
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:23 GMT
server
AmazonS3
via
1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"b46160acc37e84b67938a57a16580cfc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2038
x-amz-cf-id
jEc3xPG42ww3WX56Bi66damU0eQtXgBPWPsxxdF26TztS352y5sQZQ==
optoutstatus.html
ads.shemedia.com/static/ Frame A706 		748 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1795
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
172
x-served-by
cache-yyz4583-YYZ
x-timer
S1693794619.312244,VS0,VE0
optoutstatus.html
ads.shemedia.com/static/ Frame 4697 		748 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1795
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
173
x-served-by
cache-yyz4583-YYZ
x-timer
S1693794619.322297,VS0,VE0
Rubicon
s.seedtag.com/cs/cookiesync/ Frame D377
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=seedtag&khaos=LM49KSCX-B-B1NA
  • https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM49KSCX-B-B1NA
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=seedtag&endpoint=eu
Protocol
H3
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.seedtag.com/cs/cookiesync/Rubicon?channeluid=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
async
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:19 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
-jJtB5Ss6JwwxBFPh4Ayi5nfqK-pQNodueXT632d0_xxH5eki5KnBQ==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
async
api-2-0.spot.im/v1.0.0/conversation/ 		3 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/async
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
content-length
3
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-request-id
fda33983-4aca-11ee-8e93-f65ff28a7efe
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
NMiwwv9ccfq_Wy2vzh9DWJyw0DwzzmrOrC5-lDCR_TTGfxuy4sA8aQ==
usync.js
eus.rubiconproject.com/ Frame 9035 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57921
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame BDE9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
975
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf548ff339e3-YYZ
expires
Mon, 04 Sep 2023 06:30:19 GMT
/
ghb.spotim.market/geo/ Frame 4798 		158 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.spotim.market/adunit/ Frame 4798 		43 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=610&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=49l0jq.qy&features=81952&vpbv=A169&lifecycle_tte=4969
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.medocdn.com/prebidlink/19604/ Frame 8419 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.medocdn.com/prebidlink/19604/j.html?i=11596
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"620bee41-43d"
expires
Wed, 06 Sep 2023 02:30:19 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame CC71 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
975
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf54d86439e3-YYZ
expires
Mon, 04 Sep 2023 06:30:19 GMT
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame A5BD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
975
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf54e88039e3-YYZ
expires
Mon, 04 Sep 2023 06:30:19 GMT
/
ghb.spotim.market/geo/ Frame B3F9 		158 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.spotim.market/adunit/ Frame B3F9 		43 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=610&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=49l0mv.ii&features=81952&vpbv=A169&lifecycle_tte=5015
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.nodserving.com/prebidlink/19604/ Frame 7923 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.nodserving.com/prebidlink/19604/j.html?i=11600
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
etag
W/"620bee41-43d"
expires
Wed, 06 Sep 2023 02:30:19 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
/
go1.aniview.com/api/adserver/tag/ 		44 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&AV_CDIM5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.4.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb2ecd8f0b056213fec7&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bb2ecd8f0b056213fec7/www.shefinds.com&d36=6.2.123&responsive=1&sver=4&avtoken=619737&omv=1.0.1&clsid=784c090b-e0d6-48a9-8d0a-1cca998d9521&rando=67&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1693794619740&wfc=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.152.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-152-207.compute-1.amazonaws.com
Software
/
Resource Hash
61614c7f8f5a9e5ef4d7d50f066d7dfcd016e998908a38c88123a353ab5d3254

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 23 Aug 2023 12:43:39 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.123&apppkg=&fv=1&proto=https&clsid=784c090b-e0d6-48a9-8d0a-1cca998d9521&rando=67&pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&stagid=&stplid=&e=inventory&vi=0&cb=1693794619739
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x5 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://onetag-sys.com/match/?int_id=1&uid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:18 GMT
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19600bc21eacf9565125744d917cac10
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 38A4 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=PwfHdyU0ZcLOOGtQfSftrVZzAMZEcisJMrNaJBITPSM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 38A4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GtAsFqoNpv8KX50YI7ufkM8CagV1qsA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GtAsFqoNpv8KX50YI7ufkM8CagV1qsA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H3
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABil4GtAsFqoNpv8KX50YI7ufkM8CagV1qsA
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:18 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=60639d518f1b2394&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PracQNKhvJLAAAAAAA&expiration=1693881020
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PracQNKhvJLAAAAAAA&expiration=1693881020
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAGxnXd9PracQNKhvJLAAAAAAA&expiration=1693881020
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:19 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=29&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:19 GMT
server
Kestrel
content-length
233
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Donetag
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a7d3cd70-86de-48b7-a433-d7ee488fb1bf&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
an-x-request-uuid
2b2eaae3-49f7-42fc-9bc0-b67c33b7811c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 38A4
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=990277896830277133
date
Mon, 04 Sep 2023 02:30:19 GMT
content-length
0
/
sync.richaudience.com/b68d15d845168591d6416f7692d01261/ Frame 38A4 		95 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/b68d15d845168591d6416f7692d01261/?uid=PwfHdyU0ZcLOOGtQfSftrVZzAMZEcisJMrNaJBITPSM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=7a4244b2979db22&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:30:11 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame 6B4A 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
975
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf55fa4a39e3-YYZ
expires
Mon, 04 Sep 2023 06:30:19 GMT
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame 379D 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:19 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:10:16 GMT
server
cloudflare
age
975
etag
W/"9022fc-9fd2-6047f02ed659c"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf55fa4b39e3-YYZ
expires
Mon, 04 Sep 2023 06:30:19 GMT
ad-container-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		667 B
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/ad-container-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:17:29 GMT
content-encoding
br
via
1.1 078fe53d3a4b452fe5cde4b5d9596b0e.cloudfront.net (CloudFront)
x-amz-version-id
PoYYUCuSgSouxO__jFmaztoY6nSozJ3k
x-amz-cf-pop
JFK52-P1
age
1185171
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
406
last-modified
Mon, 21 Aug 2023 09:12:05 GMT
server
AmazonS3
etag
"e4fdb5f82b0df9e0b3d49f784d351444"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dz7eUdHMy5iAULVmPHRREK-L8agW4JVbMjRogMZRqZtf9q1WAr1snw==
ImgSync
image8.pubmatic.com/AdServer/ Frame 91A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=HLiTh2iyUpl_l7NZChyoE2AJ-S0&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 04 Sep 2023 02:30:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 89D1
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:30:19 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
/
onetag-sys.com/match/ Frame BB25
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:19 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/match/ Frame AB00
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1813050723370043128
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 4B6D
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=e5cf3b29-2099-4e63-9375-b14659614e64&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.195.149.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-195-149-193.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:20 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame E880
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU641abfc9db6847f0ab54e557609fb367
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame A916
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822877106412
42 B
286 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822877106412
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 21:05:45 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=822877106412
i.match
s.tribalfusion.com/z/ Frame C95C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8012cf58fe724bcf-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
8012cf580e6b4bcf-BUF
content-type
text/html
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1522
/
csync.loopme.me/ Frame EAB0 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame AA20
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=aSNLhRAjA0awXQ-rPEH1ZA
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=aSNLhRAjA0awXQ-rPEH1ZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=aSNLhRAjA0awXQ-rPEH1ZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 2A1D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&rndcb=5805976647
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&google_hm=NTRkMTAxOTctY2I0Ni00MTNhLTkxZjktOGU2ZWE4ZDlk...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYFTk1BEPH6BrhXKezk8Gc&google_cver=1&ssp=adconductor&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://sync.1rx.io/usersync/bidswitch/54d10197-cb46-413a-91f9-8e6ea8d9de90?gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
42 B
255 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:20 GMT
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame 089C 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:19 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
ImgSync
image8.pubmatic.com/AdServer/ Frame 49BF
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=26c6c033-d97e-49a0-be28-26a6939408b0
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private,max-age=86400
date
Mon, 04 Sep 2023 02:30:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
pub
matching.truffle.bid/sync/ Frame E923 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:20 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
cookiesync
core.iprom.net/ Frame C337 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:20 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-795ba8f7b49b@version_1.568v2
X-core-time
1ms
X-server-arch
v2
/
onetag-sys.com/match/ Frame 8978
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:C14E48D5177140E2A6F7C142966EB206&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
291 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

cache-control
private,max-age=86400
content-length
157
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:18 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 4A89
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7470810201041396218&uid=Q747081020104139...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470810201041396218
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470810201041396218
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=23745
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:20 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7470810201041396218
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
pubmatic
s.seedtag.com/cs/cookiesync/ Frame 842B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://s.seedtag.com/cs/cookiesync/pubmatic?channeluid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Sep 2023 02:30:20 GMT
server
openresty
via
1.1 google
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame A6F6 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.44.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-44-25.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:19 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
398809b2-c5fa-47bd-ae4b-c22ee61c723a
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-004056c6891cae51e
362588.gif
idsync.rlcdn.com/ Frame A6F6
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/362588.gif?partner_uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:20 GMT
server
Kestrel
content-length
199
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8/gdpr=0/ Frame A6F6 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8/gdpr=0/gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.179.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-179-35.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.45.196
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame A6F6 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
image2.pubmatic.com/AdServer/ Frame A6F6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
42 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:19 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A6F6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=640113117700930142
42 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=640113117700930142
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=640113117700930142
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame A6F6
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2535980227366638075
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2535980227366638075
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 03 Sep 2023 21:20:37 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
an-x-request-uuid
e558b763-936e-46ce-87b0-76556c730739
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A6F6
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:57b10a06-895d-4b19-937b-e28030e81a4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:57b10a06-895d-4b19-937b-e28030e81a4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: cs.seedtag.com
URL: https://cs.seedtag.com/cs.html?pt=9091-2300-01&pc=US&us=1---
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:57b10a06-895d-4b19-937b-e28030e81a4e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 04 Sep 2023 02:30:20 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
/
go1.aniview.com/api/adserver/tag/ 		46 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=pitc_dd&AV_CDIM4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&AV_CDIM5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.4.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb2ecd8f0b056213fec7&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bb2ecd8f0b056213fec7/www.shefinds.com&d36=6.2.123&responsive=1&sver=4&avtoken=620083&omv=1.0.1&clsid=243244ea-1b90-4481-81c6-9339ec9346a4&rando=47&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=1693794620084&wfc=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.152.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-152-207.compute-1.amazonaws.com
Software
/
Resource Hash
13045aee93395f15d148677aa46a5edfdd62f85faf7162eec98245cb0b8420a5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 23 Aug 2023 12:43:40 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc_dd&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.123&apppkg=&fv=1&proto=https&clsid=243244ea-1b90-4481-81c6-9339ec9346a4&rando=47&pid=5e0e296628a061270b21ccab&cid=6284bb2ecd8f0b056213fec7&stagid=&stplid=&e=inventory&vi=0&cb=1693794620084
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C8B7 		577 B
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72625043&p=156758&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
84316d0f05abbf7b6b0ca0dfab38011c5e6eb16f19b01725488b72ce2e8ac115

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 04 Sep 2023 02:30:20 GMT
content-length
577
content-type
text/html; charset=UTF-8
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA5G9,pingTime:1,time:2972,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2972,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2290~100%5D,as:%5B2290~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:838,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i*.930203%7C1i1%7C1j.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956,sis:1882%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA5Ga,pingTime:1,time:2973,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2973,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2290~100%5D,as:%5B2290~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:838,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i*.930203%7C1i1%7C1j.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956,sis:1882,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA5Gb,pingTime:1,time:2974,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:2974,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2291~100%5D,as:%5B2291~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:838,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i*.930203%7C1i1%7C1j.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956,sis:1882,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-sys.com/match/ Frame B28B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
/
onetag-sys.com/match/ Frame B28B
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=7623aa4c964a1487&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9Aiw9gNsnu78AAAAAAA&expiration=1693881021
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9Aiw9gNsnu78AAAAAAA&expiration=1693881021
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AAAMo9ZT9Aiw9gNsnu78AAAAAAA&expiration=1693881021
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame B28B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=640113117700930142&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame B28B 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=HO91Rp7T47yFKtegb-ChwzJuvkLp8EMkM_gpsZYlHT0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame B28B 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=HO91Rp7T47yFKtegb-ChwzJuvkLp8EMkM_gpsZYlHT0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di...
  • https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Location
https://prebid-server.rubiconproject.com/setuid?bidder=grid&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:20 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ff061bdb-df71-a3df-20c9-b0ff12d77dda&tv=%7Bc:naA5Kz,pingTime:1,time:3209,type:p,clog:%5B%7Bpiv:84,vs:i,r:,w:300,h:250,t:963%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3209,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:963,wc:0.0.1600.1200,ac:980.991.300.250,am:i,cc:980.991.300.250,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2262~75%5D,as:%5B2262~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1057,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j*.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:963,sis:1846%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
events
api.permutive.com/v2.0/batch/ 		301 B
183 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
a1a5255fa49421995766043803736b92e2b8bc546bd992fe06e180effe0a119d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
sync
visitor.omnitagjs.com/visitor/ Frame 8376
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=adyoulike&gdpr=0&gdpr_consent=&gdpr=0&khaos=LM49KSCX-B-B1NA
  • https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM49KSCX-B-B1NA&name=RUBICON&gdpr=0
49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM49KSCX-B-B1NA&name=RUBICON&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
H2
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://visitor.omnitagjs.com/visitor/sync?uid=3496f2c9155784213a7b528f78bb441a&visitor=LM49KSCX-B-B1NA&name=RUBICON&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
c483977f-3ea4-4e81-9a66-55e3e0f4d270
https://prebid.a-mo.net/ Frame E176 		176 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://prebid.a-mo.net/c483977f-3ea4-4e81-9a66-55e3e0f4d270
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe282ed25faa99bb3fdf3b2f06a8cd645a2f5dffcd3d1641c4d46dcedc4e722c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Length
176
Content-Type
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5LU,pingTime:1,time:3389,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3389,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2025~100%5D,as:%5B2025~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1062,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384,sis:2133%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5LV,pingTime:1,time:3390,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3390,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2026~100%5D,as:%5B2026~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1062,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384,sis:2133,metricId:publ1,cmr:t%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5LW,pingTime:1,time:3391,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:3391,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2026~100%5D,as:%5B2026~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1062,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384,sis:2133,metricId:grpm1,cmr:t%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
read
api-2-0.spot.im/v1.0.0/conversation/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:20 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 f8debc28b6c73eb3dc7540e2ac2f0e18.cloudfront.net (CloudFront)
x-amz-cf-id
_-Zyw_PYWjgvCw0DL95ymfSM9bZ5PWMke4doVZ9Wg3LZbt69TdJxqA==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
read
api-2-0.spot.im/v1.0.0/conversation/ 		749 B
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
8711fcda086c75adcbbc36a05df01221429bb90fa994302632c90868faa73115
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-encoding
gzip
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-request-id
fe55f076-4aca-11ee-abf1-aecdc580d65e
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
SsksAdGdkINNsA76q8cRuqUIpAtLKMIMcwnlLfU1EluCv2ehlTFz2g==
/
sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/ Frame F416 		95 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/502e2341fac2c140295d7b3b0c915c8c/?uid=
Requested by
Host: sync.richaudience.com
URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1693794617488&pubconsent=&euconsent=&hasConsent=1&rd=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:30:11 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
usermatch
ssum.casalemedia.com/ Frame 4C1F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
26f7f04f30866228103b1f6f134835b0221023687007b7500cc4d05f2e8e5e44

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1706
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:20 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cookiesyncendpoint
sync.aniview.com/ Frame 4BFE
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D55%26key%3D%24UID
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=55&key=2535980227366638075
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=55&key=2535980227366638075
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
485beaa5-5a55-4fd0-ad7d-1e96b532d2f7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=55&key=2535980227366638075
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
cookiesyncendpoint
sync.aniview.com/ Frame D4FD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=aniview&gdpr=0&gdpr_pd=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26bid...
  • https://pixel.rubiconproject.com/exchange/sync.php?p=unruly&rndcb=368330271
  • https://sync.1rx.io/usersync/rubicon/LM49KSCX-B-B1NA
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=200&key=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
0
251 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=200&key=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:20 GMT
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=200&key=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
sync
ssbsync.smartadserver.com/api/ Frame 8400 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.170 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
f35ebed0d3f95eeb2732099c54d278e52d68129c453772b4de097ef94969fc9b

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
1092
content-type
text/html
date
Mon, 04 Sep 2023 02:30:20 GMT
usync.html
eus.rubiconproject.com/ Frame 4F6C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:20 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
server
AkamaiGHost
cookiesyncendpoint
sync.aniview.com/ Frame 26D1
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddern...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=72&pid=5e0e296628a061270b21ccab&key=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
0
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=72&pid=5e0e296628a061270b21ccab&key=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

cache-control
max-age=0,no-cache,no-store
content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Tue, 11 Oct 1977 12:34:56 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=72&pid=5e0e296628a061270b21ccab&key=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
server
A
cookiesyncendpoint
sync.aniview.com/ Frame 8D30
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=5c25ba01-8014-471d-b115-9488b0bab07b&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=23&key=6aee4e26-3af0-036a-2493-7dba72640ec7
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=23&key=6aee4e26-3af0-036a-2493-7dba72640ec7
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=23&key=6aee4e26-3af0-036a-2493-7dba72640ec7
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC12 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D1%26key%3D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101347
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 4443 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
d3789c1c504990fbbc2e77341c1bc8714bd7b5d4235dba29ca3916c5bb152a78
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
988
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
cookiesyncendpoint
sync.aniview.com/ Frame CE97
Redirect Chain
  • https://ap.lijit.com/pixel?us_privacy=1---&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D18%26k...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=18&key=HQzWZQZHTprevADoQOeL11M1
0
226 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=18&key=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:20 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=18&key=HQzWZQZHTprevADoQOeL11M1
X-Sovrn-Pod
ad_ap7ewr1
cookiesyncendpoint
sync.aniview.com/ Frame D5B6
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D41%26pid%3D5e0e29662...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=41&pid=5e0e296628a061270b21ccab&key=4187545677285024608258
0
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=41&pid=5e0e296628a061270b21ccab&key=4187545677285024608258
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=41&pid=5e0e296628a061270b21ccab&key=4187545677285024608258
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cookiesyncendpoint
sync.aniview.com/ Frame ACEE
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3665&_fw_gdpr=0&_fw_gdpr_consent=
  • https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=62dea72e53dc2e243a2a2635d13fb7b&_fw_gdpr=0&_fw_gdpr_consent=
0
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=62dea72e53dc2e243a2a2635d13fb7b&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:20 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=9&key=62dea72e53dc2e243a2a2635d13fb7b&_fw_gdpr=0&_fw_gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1693794620678052-105
auto-user-sync
ads.stickyadstv.com/ Frame A034 		43 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/auto-user-sync?px=1953&_fw_gdpr=0&_fw_gdpr_consent=
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:20 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
x-sticky-vk
1693794620682035-103
cookiesyncendpoint
sync.aniview.com/ Frame 3D2D
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=E5RP5Qpb&gdpr=0&consent=&us_privacy=1---
  • https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
0
240 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT
location
https://sync.aniview.com/cookiesyncendpoint?biddername=142&key=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=0
cookiesyncendpoint
sync.aniview.com/ Frame DC05
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D60%26key%3D%5BUID%5D
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=60&key=07f064bb-75b8-42f3-a993-2e9dec53f3bc
0
239 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=60&key=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:20 GMT

Redirect headers

cache-control
no-cache, no-store, private
content-length
0
content-type
text/plain; charset=utf8
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=60&key=07f064bb-75b8-42f3-a993-2e9dec53f3bc
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
x-xss-protection
0
uc.html
sync.go.sonobi.com/ Frame 1867 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=aniview
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
4e0354746df4d7d2b190f6a56b27f495abf4f256a947fff34fa122151ff5ecd5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-length
1416
content-type
text/html
date
Mon, 04 Sep 2023 02:30:20 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
x-xss-protection
0
sync-iframe
cs-server-s2s.yellowblue.io/ Frame C48D 		627 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5413e64fb18158d3f2a6789dc0bf0bd1584cb0ef361040f4c56884042dd70398

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.shefinds.com/
content-length
627
content-type
text/html
date
Mon, 04 Sep 2023 02:30:20 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0545 		215 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
677bab83edbaf28095393d59cebb7929d4d06499ca6ece8081a430f0fd2efa9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsJjXeOhYQurXW4gpWAvYCfexBJXJCVo5Nq6XnvrV2Le1bWezljYDNLY5a8dy81Aw_10CiGhrQygbRtiXo5rYJpFewGT7tD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
69989
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"f27cc43e8274f67b9ff4a205cc7d0de8"
vary
Accept-Encoding
x-goog-generation
1693722256957551
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=FkgZrw==, md5=8nzEPoJ09nuf9KIFzH0N6A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
69989
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:20 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0545 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsZLjY_fLRwO2mUToqEJARzQx2BGhjE5pANQvrMc4-7exTi74xUTlNui3-7dPWVM9UB5WnJE3zm0TmN2E0n4U-owUEjzEwC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"4b4557cd18ac9267af08fdb557b5b99b"
vary
Accept-Encoding
x-goog-generation
1693722256959507
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=5DF8CA==, md5=S0VXzRiskmevCP21V7W5mw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:20 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 0545 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01c3a025b0c8fb03bc17b1bfb5d0e40ff081556e844abfb19044728a9fa1310a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduprggp0BDzzrnTJcneLJXAm68-QGxJcErx7ndvLBWe8LeT9JZlJWb6OF_YdX8e0Nyto1YqCiG7suZF_ROdbAAtXw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21036
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"0a0d67aa487d13807b0ae7ae5ed865ef"
vary
Accept-Encoding
x-goog-generation
1693722256956297
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Gux6hg==, md5=Cg1nqkh9E4B7CueuXthl7w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21036
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:20 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame D1D2 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:16:41 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
820
x-amz-server-side-encryption
AES256
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
qhdnaOLLNthEuVdemZVrCKNiLSvm1B8tdgkyhFC_yg_hFnoO1hJQOw==
s2s
s2s.aniview.com/api/adserver/ 		0
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=27e3976019d799fca9fdb2d3ad9f6836&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1693794619884-964393778739-001213-003-001685&AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=pitc&AV_CDIM4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&AV_CDIM5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.4.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb2ecd8f0b056213fec7&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bb2ecd8f0b056213fec7/www.shefinds.com&d36=6.2.123&responsive=1&sver=4&avtoken=619737&omv=1.0.1&clsid=784c090b-e0d6-48a9-8d0a-1cca998d9521&rando=67&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=3794620584&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=1&d5=0&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.237.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-237-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 23 Aug 2023 12:43:41 GMT
14264399
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/14264399?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794620584
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
1a7a067b1d1fc9f4e62759d87c995349dc25c15a7041b6cee98616b511531a2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794620674065-250
22035490
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/22035490?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794620586
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
70db79f468b25dee4cae190c6cdac0ae7b9de52d81f4c465f06fbb5a6ea059fc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:20 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794620675052-123
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ddfb7c5e-6c0e-080b-2e94-f08d6a291eaf&tv=%7Bc:naA5Op,pingTime:-10,time:3350,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjE0MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693794620648%7C%7C174e9e16468d78533e6c1b2fa7cbc2ef%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C939f7439a1487946545e2c42ad5a9735%7C%7C5b171e1e9cc4ee048d9af8dbe129880a%7C%7Cc3e10cb1811cbf76ee446fa6f75aa0a6%7C%7C1b86f8b48054fa9faff06c52c8be77f9%7C%7C9f13b52d8c3d908b18527e820dbe4ae7%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame AF10 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
yS7zWQAUA-6UbsIW6ozEi6ibLLmeBJMvycWjseJ1YZMqZ_kcYUX75g==
postbid.js
ads.blogherads.com/static/ Frame AF10 		421 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/postbid.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
G64X212GFA1C04D5
age
1797
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ICoTxmy90cymyjcYlyndcNIKy4ySa7hh/GfF/47HpuGk5fZLGknGX2RHYKC7Jrr23zw9wVRC3fQ=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:29 GMT
x-timer
S1693794621.939476,VS0,VE0
etag
W/"7423bef5d99fd702fe9c804009f4b11b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AF10 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:20 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 719E 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_Y_xctTHau4sFIQSZHvSjXHNX1wL7pb_7AOcPeejh0E2-fQ-uGK4cQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 719E 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:21 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:21 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:21 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame E9D4 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404012
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
gvEk3YSaQl9jZ8t0leoHUJWFLsNWKMrC-WoVC4Qj0P4BGc_YOIdvVQ==
boomerang-client.js
ads.blogherads.com/static/ Frame E9D4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/boomerang-client.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4a478f209dddd433c1849f661b71160f14ad996c9c075e5f4b7fbeb21d1bf0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HZV561WHZ52SDG95
age
1796
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
GMNGpWtxeT/yiDgZXcb0tLP63TwEygUZonBIQrPVMXmbBxdipP3M8alAGbxgaPyspoVNGwYCTVQ=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:30 GMT
x-timer
S1693794621.007622,VS0,VE0
etag
W/"f4b7dbaeb313299eb47e0873bc496740"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
55
view
securepubads.g.doubleclick.net/pcs/ Frame E9D4 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2IIs3Pt7LTqwxUbIksd6UGYbyof8IVwoHeTRVjCe9L7_yL-2vEIEaGlvFQCm8pULG4l8nyW4uIxLCcC4GH65fb2whtMZjb6K2AltoNKR-VNHPY5qVhCPYJC9S1N5vnxJ7jHpUvDZRHfI7K9IMHOrgLrCCv7exxWaBIk1c4QZ2Jov9zV0VfeJw5FDxhGJNn7MD9DNaG_JBSu__wKlobe9AyvhVtrpAlYV6Aq5j61HYKk3K4eR5sEd1rw6cAzdglzj-QzGOSQGxJZLpXTxDPnPzNQYFBgZT_E_Dt6kRmppuxcf8bQsNEiE77fvSf94Gt8GFJZpDbpY&sai=AMfl-YSked3YuHlXEY3Yxce0blR398CbEzfGS9gIklRcpj5-3Yt75eYQpvo81rOPp_tXYuoufnpsDMOgSiRRlkJSO_MiDRoa3sriy8m065NAUS8PkNMSl8xNxpLlhM71iQOmyqfD1_6hF60b42Jt7kLeBvw&sig=Cg0ArKJSzPN1ExxoaOKoEAE&uach_m=[UACH]&urlfix=1&adurl=[%ThirdPartyImpressionTracker%]
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:21 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:21 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
match
events-ssc.33across.com/ Frame A30B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LM49KSCX-B-B1NA
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LM49KSCX-B-B1NA
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM49KSCX-B-B1NA&ts=1693794621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM49KSCX-B-B1NA&ts=1693794621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LM49KSCX-B-B1NA&ts=1693794621&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=c0a2d7cf-9b5c-af72-607e-9f82787e40fd&tv=%7Bc:naA5X6,pingTime:-10,time:3822,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjE0MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693794621187%7C%7C5acc703bed4f1e973b52b367e6ae3558%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C7ec898cc2a4f492bc530cefacd5592a8%7C%7C565a3e94d1010ee51bb164032511b346%7C%7C06051c6d0ae416e84ba3723713e952bb%7C%7C5241098666225762bdb09b47eea1cad9%7C%7C61a0eb6f251bf776b1fa6b1fb5c65f08%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
hbw_master_307825_11596.js
p.medocdn.com/prebidlink/y19604/ Frame 8419 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.medocdn.com/prebidlink/y19604/hbw_master_307825_11596.js
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/19604/j.html?i=11596
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d1735d8558a576cf0ea8421e25f53e3946fb983666ba6ec0a6816875bd59f670

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/prebidlink/19604/j.html?i=11596
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 10:58:33 GMT
server
nginx
etag
W/"64f1c3d9-1d1a3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 06 Sep 2023 02:30:21 GMT
hbw_master_307825_11600.js
p.nodserving.com/prebidlink/y19604/ Frame 7923 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.nodserving.com/prebidlink/y19604/hbw_master_307825_11600.js
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/19604/j.html?i=11600
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
3c0b6f2a8b04ec43199cb3003d61eb19ba78f473d7732870c1a3b9eacd3172d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/prebidlink/19604/j.html?i=11600
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 10:58:33 GMT
server
nginx
etag
W/"64f1c3d9-1d1af"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 06 Sep 2023 02:30:21 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA5Ya,pingTime:-10,time:4149,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjE0MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693794621254%7C%7C4a467ba11c9ab3e359be4034041edf63%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7Caf2c8f70db03a4e7c70f62c0e0d15de3%7C%7Cb9f00fa99cbe0c3219355ae9ac5134d9%7C%7Cc8a66797fcea031151f5f5a6e403e3c5%7C%7Cc50281ab30d7c391848a7882a7dcb7ea%7C%7Cdf103e5f539704bb71a8d1629ac20981%7C%7C1663701684,im:%7BpWait:533%7D,env:%7Bar:self.0%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA5YY,pingTime:-10,time:4139,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjE0MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693794621303%7C%7C42486996e699fdd7d4668a61a7d99f92%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7Caa3310410c32e5863e325c7a96cc0fcc%7C%7C76052fdd0e0c778eb5626f76d60ad456%7C%7C52bdbfa300c8874a849085ce1511e8b9%7C%7C87cd400e98efb8d5d1e9bd178a324700%7C%7C24e12685423a84bad1a1b9d6a9eef32d%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ff061bdb-df71-a3df-20c9-b0ff12d77dda&tv=%7Bc:naA5Zk,pingTime:-10,time:4124,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTYuMC41ODQ1LjE0MCBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000020222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1693794621326%7C%7Cb9a0cb6b788869d32f80d25dce5d4c09%7C%7C0f286e8f7fa153358c622af13d09b529%7C%7C0d730e17545668a0cdd6c9d8db37e06c%7C%7C2c149d99e91f1096d6fc543d74003764%7C%7Cb0e1706b1508f78d70acca536f20be63%7C%7C234a032e34dc41b89dff57aa15e2d053%7C%7C55a5803d86821e543d95f5b257c87f41%7C%7C1663701684,env:%7Bar:self.0%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 48B0 		215 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
677bab83edbaf28095393d59cebb7929d4d06499ca6ece8081a430f0fd2efa9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsJjXeOhYQurXW4gpWAvYCfexBJXJCVo5Nq6XnvrV2Le1bWezljYDNLY5a8dy81Aw_10CiGhrQygbRtiXo5rYJpFewGT7tD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
69989
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"f27cc43e8274f67b9ff4a205cc7d0de8"
vary
Accept-Encoding
x-goog-generation
1693722256957551
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=FkgZrw==, md5=8nzEPoJ09nuf9KIFzH0N6A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
69989
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:21 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 48B0 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsZLjY_fLRwO2mUToqEJARzQx2BGhjE5pANQvrMc4-7exTi74xUTlNui3-7dPWVM9UB5WnJE3zm0TmN2E0n4U-owUEjzEwC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"4b4557cd18ac9267af08fdb557b5b99b"
vary
Accept-Encoding
x-goog-generation
1693722256959507
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=5DF8CA==, md5=S0VXzRiskmevCP21V7W5mw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:21 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 48B0 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01c3a025b0c8fb03bc17b1bfb5d0e40ff081556e844abfb19044728a9fa1310a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduprggp0BDzzrnTJcneLJXAm68-QGxJcErx7ndvLBWe8LeT9JZlJWb6OF_YdX8e0Nyto1YqCiG7suZF_ROdbAAtXw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21036
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"0a0d67aa487d13807b0ae7ae5ed865ef"
vary
Accept-Encoding
x-goog-generation
1693722256956297
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Gux6hg==, md5=Cg1nqkh9E4B7CueuXthl7w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21036
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:21 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 0B7D 		248 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:16:41 GMT
content-encoding
gzip
via
1.1 8348c06ca24c7faf1ae00ad6facc20b2.cloudfront.net (CloudFront), 1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:56 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-P2, JFK50-P3
age
821
x-amz-server-side-encryption
AES256
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
6fGead1px3vU3tBQau-4gZO548GmdIik6x9inD76QZA2tp_Fj3wNTg==
s2s
s2s.aniview.com/api/adserver/ 		0
478 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=1a40e6f34bd915e709c562e00afb4568&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1693794619884-964393778739-001213-003-001685&AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=pitc_dd&AV_CDIM4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&AV_CDIM5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.4.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=6284bb2ecd8f0b056213fec7&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/6284bb2ecd8f0b056213fec7/www.shefinds.com&d36=6.2.123&responsive=1&sver=4&avtoken=620083&omv=1.0.1&clsid=243244ea-1b90-4481-81c6-9339ec9346a4&rando=47&AV_WIDTH=400&AV_HEIGHT=300&AV_CCPA=1---&AV_DNT=0&cb=3794621345&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=1&d5=1&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.237.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-237-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 23 Aug 2023 12:43:41 GMT
14264399
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/14264399?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794621345
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
ca76ce69d839094dacdc803824280f33792c3d6b7150878f6fe21a87a903ed2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794621378015-316
24464962
ads.stickyadstv.com/vast/vpaid-adapter/ 		829 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/24464962?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&co=sp_BbylgSbK&cbb=3794621346
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
bd29580015c758edda76445651c82c5fcc099a3e4e3759e7d9da7cf189f3c756

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794621360059-310
cookiesyncendpoint
sync.aniview.com/ Frame 8400 		0
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=49&key=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-length
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8400
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fdcm%3Fpid%3Df7a5db36-1d5c-4c26-81b6-b4d0807faffb%26id%3D...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=990277896830277133&gdpr=0&gdpr_consent=
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DHF133YV22GQVWZZHFBH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=f7a5db36-1d5c-4c26-81b6-b4d0807faffb&id=990277896830277133&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
csync.loopme.me/ Frame 8400 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 8400
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=30&p=273&cp=smartortb&cu=1&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D79%26partneruserid%3D%40%40CRITEO_USERID%40%4...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
43 B
492 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
HTTP/1.1
Server
216.22.16.9 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=79&partneruserid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
871294
content-length
0
expires
Mon, 04 Sep 2023 00:00:00 GMT
/
wt.rqtrk.eu/ Frame 8400
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=150&partneruserid=0&redirurl=https%3A%2F%2Fwt.rqtrk.eu%3Fpid%3D58a76248-f101-4e52-b8f7-c4de9362ea12%26src%3Dwww%26type%3D100%26sid%3D0%26...
  • https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=990277896830277133&gdpr_pd=0&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wt.rqtrk.eu/?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=990277896830277133&gdpr_pd=0&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=54&gdpr=0&gdpr_consent=&rdir=
Protocol
H2
Server
15.235.42.103 Victoria, Canada, ASN16276 (OVH, FR),
Reverse DNS
haproxy-ca-002.roqad.pl
Software
istio-envoy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
istio-envoy
p3p
CP="NOI DSP COR DEVa PSAa PSDa OUR BUS UNI COM NAV STA"
content-type
image/gif
cache-control
no-cache,private
x-envoy-upstream-service-time
0
content-length
43
expires
Mon, 04 Sep 2023 02:30:22 GMT

Redirect headers

location
https://wt.rqtrk.eu?pid=58a76248-f101-4e52-b8f7-c4de9362ea12&src=www&type=100&sid=0&uid=990277896830277133&gdpr_pd=0&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:20 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
tp_out
d.adroll.com/cm/index/ Frame 4C1F 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 4C1F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=F06qlvKX1QCZm45
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=F06qlvKX1QCZm45
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:21 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0ad8f6e9538496bdf@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=F06qlvKX1QCZm45
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 4C1F
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:21 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame 4C1F
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050723370043128
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050723370043128
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050723370043128
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4C1F 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 4C1F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 4C1F 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0532594e1.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
esQYbxPuRnc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum.casalemedia.com/ Frame 4C1F
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fcf21a0-5429-cdf4-fa82b175
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fcf21a0-5429-cdf4-fa82b175
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:23 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:21 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=4fcf21a0-5429-cdf4-fa82b175
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
cookiesyncendpoint
sync.aniview.com/ Frame 4C1F 		0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=42&key=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190025&cb=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D42%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-length
0
cksync.php
contextual.media.net/ Frame C48D 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:21 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:21 GMT
/
csync.loopme.me/ Frame C48D 		0
0
cookiesyncendpoint
sync.aniview.com/ Frame C48D 		0
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=80&pid=5e0e296628a061270b21ccab&key=wTUvU2M-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D80%26pid%3D5e0e296628a061270b21ccab%26key%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4F6C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:21 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57919
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A5BD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaN091N6a30QSGEm7DatDJYqCwLtxwTb-nVJoH4jkRyIIhTT9__avH0ZvbTPsDyHKHl2RC4tj-BA1a4QXQotpeMEiQbN99pEtx2m-Sx0IX_Vg-D6Pp0YJ5M6hNx9QwwuKhM_cxUQekFni2sfHCapw16kkaKByUuk1-hsxen2zumT0oobNBi6e3eJ-Zyk57ytB2nqqbQvqaUCcgs3pkaeYnt4mx_14H4MsYylwU-G5G0phYW9SZkNzCNPl0IpCkel_UZK8gQfQnVZmTml2ujqIoVEZSbjBHoRypBu5umKJlKKzuWg0_mNPjZ6yV4H-mvcOVo293fYDUpw&sai=AMfl-YSImFpV9CoPZ60Qg8EyP4ASX-ihiE9KUU_8UfShdLJUAgAa86PC6V7gGuiZ-jHI1JSlm3JijN0wL_xp3Ih9UGo1SmQy7Klh1sgkc6BcTbztd3Gbh1kSiOtEPdmeZxkdSBLROevKxiSEgUouMZ-F-gE&sig=Cg0ArKJSzH165eKLV-fMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:21 GMT
prbds2s
rtb.gumgum.com/usync/ Frame ABDE 		2 KB
990 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/blogherads.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.116.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-116-249.compute-1.amazonaws.com
Software
nginx /
Resource Hash
93cad8f03e2ccce52695f25a16e31167e913bed577f796e98ad138c983092887

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:21 GMT
etag
W/"03b5710e0bd9e8ec0df29b4fc7ace1386"
server
nginx
timing-allow-origin
*
SPug
simage4.pubmatic.com/AdServer/ Frame 0302 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/ Frame 9035
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=publicidad&gdpr=0&gdpr_consent=&gdpr=0&khaos=LM49KSCX-B-B1NA
  • https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LM49KSCX-B-B1NA&gdpr=0
95 B
364 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=publicidad&gdpr=0&gdpr_consent=
Protocol
H2
Server
168.119.146.39 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.39.146.119.168.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
date
Mon, 04 Sep 2023 02:30:14 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.richaudience.com/e231bbbe91d9e7e900144b910bfcc7d7/?uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
907296
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/907296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:21 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-id
KLex0-H2IIUNVUcCk1uR6AG5UL1j38-dYqyy0yy2ITtYRmjm4peIjA==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
907296
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/907296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:21 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-id
qqr4H9AMqZtczoYUZr97JZKsPD_ZebRYY6yDnzVIkkKYlbtC6isYFw==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
907296
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/ 		36 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/907296
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
e5425a128404501abc9969d12296d66bd73d613a488934967042e6d1c193d10c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-request-id
ff194b94-4aca-11ee-a3c7-de15d9cb9e1b
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
CZ7DlPKGBEAirbbqLr9TPu2lSUePnkEdytYHpFGHG9F-D_BPoRFuFg==
907296
api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/ 		36 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/feed/pitc/v1/sp_BbylgSbK/907296
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
e5425a128404501abc9969d12296d66bd73d613a488934967042e6d1c193d10c
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-request-id
ff1b6fcb-4aca-11ee-9b27-ee3a271b35d0
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
x-amz-cf-id
jztBXLnuORQQqqVC67DLCKsFo5OWpbo9oezvqdDSCyF2DM3guR5Fuw==
/
onetag-sys.com/match/ Frame 4443
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=55fee6f9cdbb2394&is_secure=true&version=1&networkId=72582&rurl=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D90%26gdpr%3D0%26gdp...
  • https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881023
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881023
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://onetag-sys.com/match/?int_id=90&gdpr=0&gdpr_consent=&uid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881023
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
onetag-sys.com/match/ Frame 4443
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=[AV_CONSENT]
  • https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0&gdpr_consent=[AV_CONSENT]
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0&gdpr_consent=[AV_CONSENT]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LM49KSCX-B-B1NA&gdpr=0&gdpr_consent=[AV_CONSENT]
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
49049ff336235ad60cb44abcb1cec1d6
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 4443 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=lSparBrfb8Y-ave85jTQ_SeEIm_3T_sEOB1hSl-my5M
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame 4443
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=[AV_CONSENT]
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54d10197-cb46-413a-91f9-8e6ea8d9de90&ssp=onetag&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594155179152629092&ssp=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=[AV_GDPR]&gdpr_consent=[AV_CONSENT]&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Location
//onetag-sys.com/match/?int_id=30&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&google_hm=NTRkMTAxOTctY2I0Ni00MTNhLTkxZjktOGU2ZWE4ZDlkZTkw
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGYFTk1BEPH6BrhXKezk8Gc&google_cver=1&ssp=sonobi&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=aniview&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=aniview
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=aniview
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=aniview
date
Mon, 04 Sep 2023 02:30:21 GMT
server
Kestrel
content-length
221
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Date
Mon, 04 Sep 2023 02:30:21 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=07f064bb-75b8-42f3-a993-2e9dec53f3bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
49 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT, Mon, 04 Sep 2023 02:30:22 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 1867 		0
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=570392714&pt=17&dpn=1&dpt=&trid=&pcid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
via
1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
EWR53-C2
vary
Origin
access-control-allow-methods
POST, GET
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://sync.go.sonobi.com/
x-cache
Miss from cloudfront
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
content-length
0
x-amz-cf-id
WD0GULnwp0g8qXDFpqytbA-ox2XSJHGFZvcPDxICiZ3qcyBYQhybqQ==
alt-svc
h3=":443"; ma=86400
7318ffc0e8fa1d771446
s.amazon-adsystem.com/x/ Frame 1867 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/7318ffc0e8fa1d771446
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
info2
uipglob.semasio.net/sonobi/1/ Frame 1867
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Frontend-ID
14
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Frontend-ID
10
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 1867
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3061&partner_device_id=07f064bb-75b8-42f3-a993-2e9dec53f3bc
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=f3a6c746-4028-425d-8997-c0b7dc5b7eac&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=48096718709407920331769723118062651737&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=48096718709407920331769723118062651737&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

DCS
dcs-prod-va6-2-v049-05db826f4.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
iRwFrLj/Qac=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=48096718709407920331769723118062651737&pt=f3a6c746-4028-425d-8997-c0b7dc5b7eac%2C%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
49 B
777 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:21 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
49 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
49 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
date
Mon, 04 Sep 2023 02:30:21 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
52154.gif
idsync.rlcdn.com/ Frame 1867
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
  • https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2535980227366638075
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2535980227366638075
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
2f2e032f-c078-47df-bcf4-811d58532665
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=87880&dpuuid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
dpm.demdex.net/ Frame 1867 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0435b8c4d.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gr8BnW/HTR0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
insync
thrtle.com/ Frame 1867 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10072&vxii_pdid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.153.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-153-89.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 04 Sep 2023 02:30:21 GMT
content-length
43
content-type
image/gif
usersync
match.bnmla.com/ Frame 1867 		0
0
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
an-x-request-uuid
6abd0016-25b1-494d-8ffe-345355ff7ada
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:21 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usg.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDdmMDY0YmItNzViOC00MmYzLWE5OTMtMmU5ZGVjNTNmM2Jj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
49 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:21 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=f1113e9352a245d2913e9352a295d25c
49 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=f1113e9352a245d2913e9352a295d25c
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:21 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sync.go.sonobi.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=f1113e9352a245d2913e9352a295d25c
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
ID1=07f064bb-75b8-42f3-a993-2e9dec53f3bc
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ Frame 1867 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
30907
tags.bluekai.com/site/ Frame 1867 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:22 GMT
content-length
62
content-type
image/gif
user-sync
sync.adkernel.com/ Frame 1867 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 1867 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=sonobi.com&id=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:22 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
DGJJWHA0D07HQDRK2RTX
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 1867
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Mon, 04 Sep 2023 02:30:22 GMT
server
Apache-Coyote/1.1
content-length
0
all
ssl-market-east.smrtb.com/sync/ Frame 1867 		0
0
10.gif
id5-sync.com/c/434/203/0/ Frame 1867
Redirect Chain
  • https://id5-sync.com/s/434/9.gif?puid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F8%2F2.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/8/2.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://id5-sync.com/c/434/2/7/3.gif?puid=$UID&gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/434/2/7/3.gif?puid=2535980227366638075&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F6%2F4.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/6/4.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=27&3pid=3175ac58-0d9d-47aa-b429-d8f42e050f30&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1245%2F5%2F5.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/434/1245/5/5.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F4%2F6.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/1241/4/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=10089&mt_exuid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F3%2F3%2F7.gif%3Fpuid%3D%5BUUID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/3/3/7.gif?puid=d0a664f5-4137-4e00-931c-0b407a189fe2&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=92&3pid=2535980227366638075&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1246%2F2%2F8.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26gdpr...
  • https://id5-sync.com/c/434/1246/2/8.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F1241%2F1%2F9.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/434/1241/1/9.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://dis.eu.criteo.com/dis/usersync.aspx?r=30&p=59&cp=id5&cu=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F434%2F203%2F0%2F10.gif%3Fpuid%3D%40%40CRITEO_USERID%40%40%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/434/203/0/10.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/434/203/0/10.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?pubid=aniview
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://id5-sync.com/c/434/203/0/10.gif?puid=7919c3fc-c7fb-4cfb-a3b1-4120d680e18a&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
616295
content-length
0
expires
Mon, 04 Sep 2023 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame FEA2 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=728x90&pubId=15403870&chanId=227445190&placementId=5064405287&pubCreative=138308429214&pubOrder=2543335655&cb=694442760&adsafe_par&impId=fc2b2809-4aca-11ee-b76b-0e5bb606f9c9&custom2=ban&custom3=1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
7ba05bb9ee8a702ece737b9e8eee255ff1ac2a4f952f8f6dddd5497451b37558

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame AF10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWmpq4mGZfXq0jURQk1iaoZyXCUFyyGiqc02qhBSq0tq5MqBBMpHIFE6W8cXiw15UBmSONsSQihcNlUXWqms_ACHDlm28FjPVSP-Ak7dwmJ33VBrdCZuyOqUhBe24qLIOyF9H2bayzxua0ZsJ1aM9OfPGZQ-5Q5ol2Dup48rbryDhZvGToLNjydP480u3zfq3-4Jrs3hz62FpKMRnNb60ptkDmil9t2yOzkP_YYXtbog3szFPwwqtpEiAbmAftt1Zzi1_UEPFtYiB5_duNVBX6FFZ_Z3eaNxiZrDod9YCd5z8MkYcOL9Qd6c4PFlF7LwXMeHI2FYw&sai=AMfl-YTokVI_xPA4Qh37D2YGHB-wvgkvuevKowP4_BOkpd6ux4n3gYXe_dUF80NXgCzDNcYF-vIeq9nSGWVJhTaUbEerRwa4YFVEFLXuJQvCmsPINrLfaFptZ8OtukWzPZMNwlJYP3uU7zlttVQdEjgvP0c&sig=Cg0ArKJSzIeLChwhPYquEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Sep 2023 02:30:22 GMT
prebid
prebid.deepintent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 04 Sep 2023 02:30:21 GMT
server
a
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		453 B
663 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=275787324499e9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.6144177082634308
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
93581304ff469db5b5b26d3f7546ea6d7a2a362b7b2981020aea277cda93ab68

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
453
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=3987dc2312df1a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.6991553668888093
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
98cfe6f4aa87b4be21bb047d4634c94dd3fdb663b3e6232259303fcab6c8cb8f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1775444&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=4ea4ae40e9e477&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.26900308366173764
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7f7150648e59a797d9677dc5820aeb64514ada661371f9b4869d9dfe028cad85

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=5dec8df59ff808&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.4878801753574631
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ef0cc9533d83f9be7860ac3ce4261586a587fb4929bca92f56737c4651e609b8

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=695bb91427360c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.08366670335072679
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ba5d63dc515a8939e2b084b83d652fdb46982ac65b77453f8e3da6b867dcb2e1

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=76477c85e0947b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.05882995133623048
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
514212b40976e8115dc226cd11b96b8c9a14d3aed1ba433a34571104f4a361ca

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 4798 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290538&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=71b0d660-95b9-464f-bc21-caa04cec75f3&l_pb_bid_id=83604f38f91a4d&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.7567395995683204
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0c890dacbc43030369ee0dfb5b9c530c3e6c583b150e4ef62c5dca45f121bded

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame 4798 		15 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&PageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&PageReferrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&CanonicalUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
7d919bb9219cd72d43ec8fea5306a9a28aa99c14388a879cd89a9919d9606ef5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
219
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame 4798 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
pbjs
htlb.casalemedia.com/openrtb/ Frame 4798 		37 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0511e20f38fca17fc771556cc12868f6a7a875648cd2c031d2c1f8adb6cfddca

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di%2FBBDw3I7siJ6lcz5xu%2Fim8Rm3hJzSYarnyfgBBAF1puQbnhchFrfdSZLbQxtgNnJ1BUTb6TUMqD38hT1Kpp5Dlapc3d221ub74fLglTDQmrtKqCXcohq7zZ3jeQVrLp4uMFemO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf65ce7f542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 4798 		37 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0511e20f38fca17fc771556cc12868f6a7a875648cd2c031d2c1f8adb6cfddca

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gh%2FaLKUQ2T45Idewu1t8kJZ3arTVB2uFbLOpGD5kT%2BE1a%2FBeENXhR0HFdXyAzai4mkmmXRwZA9mZXV8n9n2fx7D68bei16cCgeup8OQw%2FBPYM4p6chrIqERVmkmJp22ArZQG%2BNf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf65ce81542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame 4798 		186 B
484 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1451:14::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
758c12e129f172aae9fedc8758dc7a596b5be726455d3a97cbcab7aa7295ff8b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
186
expires
0
v1
btlr.sharethrough.com/universal/ Frame 4798 		0
126 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame 4798 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
c
prebid.a-mo.net/a/ Frame 4798 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:21 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
90
server
envoy
vary
origin, Accept-Encoding
trinity.json
apex.go.sonobi.com/ Frame 4798 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%222908fb0aa5ca5c4%22%3A%22cf97f45749c8ec53ac56%7C300x250%2C336x280%2C320x250%7Cgpid%3D%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&s=67ae5255-632a-4c0b-aebc-1d98f86582d3&pv=7d26b043-032b-4f53-aabb-2e291a2cd7fc&vp=mobile&lib_name=prebid&lib_v=7.37.3&us=0&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_BbylgSbK%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22spotim.market%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220d352daf-04c4-4bf7-b665-23cc0cfe7134%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
6efb238c762682b3f757af15adf1e13526d72cd0a4187fc09c3cc4f2d3049b2b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1162
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 4798 		24 B
1018 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.3
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
7c8b540f3ada00f8031b2cacf859e03e7afe1401e8e1995be5740d3bde6e2600

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:22 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
v1
prg.smartadserver.com/prebid/ Frame 4798 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame 4798 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame 4798 		19 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
an-x-request-uuid
addb296f-953b-444b-994e-24747c557031
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame 4798 		15 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
prebid.deepintent.com/ Frame 4798 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:21 GMT
server
a
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
/
ghb.adtelligent.com/v2/auction/ Frame 4798 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
bca9ed40aa045942e8c3bb0b3fa71e447100280ef0ce594dfe5cbe3c121313af

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:22 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
918
cdb
bidder.criteo.com/ Frame 4798 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=6565528617&lsavail=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dfd6160e17861a4dd42daf4143549bc85b9a059082e9df30e4400d0393c43d49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
cdb
bidder.criteo.com/ Frame 4798 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=30317461179&lsavail=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
764c4e59314a2d8a37e8ce551762b2bfaa99ceadc48d55ae24e5b6f585c6e436
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
translator
hbopenbid.pubmatic.com/ Frame 4798 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
csyncs
ghb.spotim.market/ Frame 4798 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137&aid4=767587&aid5=833229&aid6=839059
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6a1e3f882e0c8bb2c148abefdb88ee2887722c8aed661f5d76912e1cebae9f48

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:21 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
812
csync
sync.spotim.market/ Frame 57DF 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:22 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent
/
bpi.rtactivate.com/tag/ Frame C8B7 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.206.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-206-63.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
75145
i6.liadm.com/s/ Frame C8B7
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
  • https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
0
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/75145?bidder_id=195755&bidder_uuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Date
Mon, 04 Sep 2023 02:30:22 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame C8B7 		49 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.173.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-173-20.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.7.144
content-length
49
expires
0
/
io.narrative.io/ Frame C8B7
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
  • https://io.narrative.io/?io.narrative.guid.v2=ff7aa120-4aca-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=ff7aa120-4aca-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
54.209.98.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-98-22.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=ff7aa120-4aca-11ee-a591-0a3986670f6f&companyId=673&id=pubmatic_id:A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Date
Mon, 04 Sep 2023 02:30:22 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
headerstats
as-sec.casalemedia.com/ Frame BDE9 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame BDE9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHl_SYeFOBFXsM9IaGINunzNasnsfjvsFgX3DX05d645fD9sxd36HOxv4c7i3tgQyG9IQqjNO_oJ-Crrb4S2ZR4zPYUoV9bucfbBQnu1ds6LgxNH_1glHK9e2ZruvcbRFDOkyo-v1FUDyUa969Woy3joi7Da-d8huhgYytzrHc1mRSN0_FvKvixNjE0pe68uen0Bus5oR-4OuMaqdFanM0vYpIEawKnAYerU3DbI6V9k2Z8WK3ZSAlNl7vg-9XYdDvnHOxx-qoP7zj4Tomyi45pQoaklRFV91h6Ak2-YOQ9ELnQUsw5b0ydyjfT7SlPp5Nc9Qxk0ecsA&sai=AMfl-YTmoa1DsikqKrk43eCZsE3YpsW-KVElxiPj9-Eib9wC5s_9lb0sQcMMAVVdCs-i55uPQbWiIjHjbwPy0TMXf0HWDr6Sq_0tMB3oNivMp08pIJKdkC3gzM6yZwzJsUZmqG8De1mrb20mvWkaSmpM9YA&sig=Cg0ArKJSzGRQgxnac9KCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:22 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame 4798 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:27:26 GMT
via
1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
14576
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
gK3jVoc6VTOTJ8t3ZnBvELaxQpVvmNfaLpDhpGTQzKbFxoZON8Dn9g==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 4798 		107 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=DWlGGiYDAgCij&cb=0&ws=336x280&v=23.821.1806&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1513243389139-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%22%7D%5D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8335281e77851300a650a519962ff48977aba1ca2280ef8abfe648d04c16ccc6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
JSCE5MEZ05H6772MN7QG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
107
x-amz-cf-id
afWGZewEvQ72INbjohq1impdKijdWaiTR6l6_mkQaCiw8TSLVbuHTw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 4798 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:23:19 GMT
x-amz-cf-pop
JFK50-P3
age
61624
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
sq8UVepAIgjKigD9116gLSrrR4icwmg9G3wji628gUMwZxy0t1FU2g==
jload
pixel.adsafeprotected.com/ Frame DD91 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=930203&campId=300x600&pubId=15403870&chanId=227445190&placementId=239329990&pubCreative=138297011555&pubOrder=483446470&cb=2031378576&adsafe_par&impId=fc2b280a-4aca-11ee-b76b-0e5bb606f9c9&custom2=flxrec&custom3=3
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
/
Resource Hash
8a3dce7424732e7e5da95dd4d38203a1c6158c99af9825f75db76e0343c3245f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 719E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDho49e6MupUCp_9KcnorShQSaBTnRDa2IUjR9519lAp8EPIoWXKQBXl0tuuAIrvY3SLCgqVeflQPj6LjdAdz76ow4UNYqugzj8cdOgfGRT8rbcQPqErB3XVOBoZCavsyoOzybyrE6RzgnNVlk4yZQ19hw-QgqLzwvsV7y9Yv0n40PsbVjGnGeoFZ9glsWrnEaRtrYO1d90BGviyMQmr-s3XABjWysS9w2OWNn5r7dMgYmUvCYxu9CMi-X_Dcs0pnJ6-937ZxJzl3tDDidy9KPqt_35es0fGEjEHvOEUNMUE6El8T8AIfo9ReGiR8Ra2ixJpcCl3yi4Q&sai=AMfl-YQ6ulWtDHpLVcbiV7xZE_iyKXC5lHFN4EPU_D_xSOncXiMrBzZXGAoQYt0NSbNwk21vRBA3hRFPxpX7sLJT3C3BYFCI99wTPSBOQe0HjfGsFV7jhhMEh0Eb09ikKSemauGAVbJ3rLUZRLXrXmfDGLk&sig=Cg0ArKJSzHGenh6fHC90EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
tpd
cat.va.us.criteo.com/ Frame 719E 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/tpd?dd=Yivi019VNEtlWHA1VnVLS0ZJaFhsUWVjJTJGM0JLaU9VRkYxblpGbFhHd3paJTJCb3Y0b2NGNDRXRXZGJTJGaGd2VkpJTjJlTTlodWNHMXNoV2JJRWpsV1ZPd3pMWkJkVmZERDlPSU9Bazc3cXRPbzUzdTdKck14RyUyQnNxSTZValpiR1NWeGhwazlxQ2t6MnAlMkJ0anQwRk9JU1dhd0YzUzdPT2pEeDg0YnM1NDV4emZOR3NaekFmJTJCeURLZGxHb3Zqd21vOHJjbXhPZGtuMDRrbUtmNmxrTVc5QllVUmtCYnBVajIlMkZ6bDk5YTZ4WE11QXprSG1JZzNVMnZhaktMZW5aVlROMXY1bkFRUEZsJTJGYUMzNGtHbk1GdVIxa3BkU1FMODJRa0NmdGlmbFUlMkIyVkVUalp5SUF6b0FvNGxKQTVHWkp4UEhNMHJKdUozT1pZWXlNc1NLNGxTM29uZHRPVGMlMkZmaFJpWjBndVFtSjU4b1p1NktWdGVPSHdBS0MlMkJ6ZnclMkZ3eGR0dGV4V1I4WHhqdGx5OWo2b05XZ2VwNUNlWUpsWjMwT3hPbGFKbHEyQWZQenolMkZ0Qk0lMkJHWDElMkZBMUNyYlZyQldSUHVTSjZVSnUydUJXdlE1dFR4N25xc2xVNk93c3BiaHlmVXFJRWtudlNpSVhmZE5FSjZzVzhIRzFVWWglMkIweWlISzZPbUFRU2c5QnNIVXROJTJGRTMlMkZkbUw1U1V4MCUyRnl5QSUzRCUzRA
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
561730
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
441d9eeaff58e4ef400e7ee1a0f9fd54.png
de9a11s35xj3d.cloudfront.net/ Frame 719E 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de9a11s35xj3d.cloudfront.net/441d9eeaff58e4ef400e7ee1a0f9fd54.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:200:17:b93b:fa40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4a5803938f7c2b5ee1a9c19a7ad0319084e19c813dc286958cfc32c73f17534a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 15:07:10 GMT
via
1.1 5d3699e517195152b2b0917312ab80b8.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
40993
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1232248
last-modified
Tue, 27 Jun 2023 07:46:38 GMT
server
AmazonS3
etag
"441d9eeaff58e4ef400e7ee1a0f9fd54"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
accept-ranges
bytes
x-amz-cf-id
L37qLjQalF8VjnGIy3AOGvCEnR5qYV071085Yq1Hnmq2FsZfrbbXfw==
1011
jadserve.postrelease.com/suid/ Frame 719E
Redirect Chain
  • https://rtb-use.mfadsrvr.com/sync?ssp=bidswitch&seller_network=bidswitch_criteo&bid_id=d1856aab-0827-46f8-a86a-08485718fec6&initiator=me&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=ad3c3e1d-5562-463a-9909-5fe7873052b0&us_privacy=1---
  • https://jadserve.postrelease.com/suid/1011?vk=54d10197-cb46-413a-91f9-8e6ea8d9de90
43 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1011?vk=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
34.230.226.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-226-68.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

Location
//jadserve.postrelease.com/suid/1011?vk=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:23 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
ghent-gce-sc.bidswitch.net/imp/0.4165/BSWhttps_A_B_Brtb-use.mfadsrvr.com_Bimp__s2s_Bv3_BLUoejtVMGnTbeDpeX__Aska-0GnJzQuwfMa2kw-jO84jkbdGiEwJCFQwCjLiovO9iZu-Kv8c27HskB0AGaE6zTe1uiMc6lfrmvCawYj1KE3Qk... Frame 719E 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ghent-gce-sc.bidswitch.net/imp/0.4165/BSWhttps_A_B_Brtb-use.mfadsrvr.com_Bimp__s2s_Bv3_BLUoejtVMGnTbeDpeX__Aska-0GnJzQuwfMa2kw-jO84jkbdGiEwJCFQwCjLiovO9iZu-Kv8c27HskB0AGaE6zTe1uiMc6lfrmvCawYj1KE3QkTHXeBNeymhaZPXGKCwMK3eFgxE4WQe__Eh9IX9AqjVoSmhA3N6DyHumQ3w__we55HwErRgBqqS-Z3tv8pFNFgBxgQ44K5dKfk9gvnXWgbuPW0GRd7HfI2r0v7y9IuuCezW7u2ZcMAOiEUbKzsPwVWJO__NxIIQ1keYl8A8rgqN__EnQx5wCSMVFm1GHVlDs0RlobuZXrjvsvnyCPNJ7IQ5lwv564__XzDHCRxBBWehrK073QNj__hAees1-QHmpJrakSQv9CBEvf8inf8UooA0M8i0LXmJW7uYYFJSR2RxN-0UwZPkh9cLpD-QHIbqik28x981PoLAA__F1zRgvxPrDYbMVfsXUpet3q09a6EvtEJraFGnOYOc8WzkFWJaKOp35Y05__TlO8JUsgjlJkNpgdYcZwBc3dVmPMNhkyU28z5UAe5IO__NeI_B_I_WAUCTION__PRICE_X_Cq_R1/bcqGNo1NDOQCRJweGkABHsWj243DCI6Yhz3mR1Db2CH8COl5V1Wv4oSm39BdLtmrgrVCQgKMSMiQj16DLTOiYemX1xBdakxLFhaakV5lazyVaUnX4G1QESdk-2uXIWRd6bPrr8YZ4vZ2HCtE1krW1Km2543F_5jsgpO5Y0Vmvhz3TeY4Xg5owqJXX5P1Fl1inPc6sz7f1mJGomBVXqPMDJ1Ri7wPCRV8aWtdeHMvhOM1zE9jRRSQkazATEbvAwzF8H6QDIfs4sXfCiNvFXMXx-7_81k9UbyiRtL1zDSisMKmg_xeeFQAOysy-S_VMPLGuMGXgruJWk4XSkaXUzR_1nDa9W0gykrG2b5J2obJU9-78MneJOy9Ur7baxeP7ueaV7O5z0CNxhn4Y_wsD1AJ3OVcR68ga9z2p8q-rRv7IOPpkCBLqh_tFpmyCN5YFhARWdldBLSXRMCxgrQB6dur0Uzpp2KDUKVHPZOHo82E8oYA1PsNCwn9d7dm-kjfYj0lhMcCXVswdjXYEA1NHaHp2JZSYImA9SZSLwvinvoB_R15uWAHtvFRllwNjV9vwhSRVaXi68bScU_a1S5Gn13OcebqqbUuhTETfbKde4GYQa8hNNw-qOIrcr-hGZPz55RXAMUdjlZUBVAbwhe_yiLqfHmJo2GONjrgwx4Ro-YACpIrsCBCUKuDKRepRz2IIiHUfBeVc2mjz2phs93-am7m-j1S8jV2I6nGhWUrBWA743pLYBSnaY-eS-c17FENQb4jjpJ-4bjih8EfLbQE8CErO4qt7utEPMMsR1gkX6ahNn-PYhTHHm6h78CnDKVkMErYvVWBRB2qfMKGov5vlv0dxdqxSPXN8jwAAx0BxT5EQcxC_K6o3NGIcpHaOi6agPSVvUE3Uh28FdgOEEOCGbso8yQCUzV8pXoOr6vkOJaTIHJkCdfZ0kB_jp48EGiv4UjQdnY578NHOZRg4Eg6Lg-TJk7Dq1nbz-ApiNlFAJUVHZuzrAlD4y4anAilLUEiUYpKQrRuIItwdQ4kJgFQ4onL5750PXDv4OgoGwCjdcqMoI7AY4tSHqsdwwga0B5o5W40J1-FF_8pqalAlFTrTy_wpuLfIOxOi8S1q_n2VsDxP8ZIvlHTZ039MvAQEgvhHlnqorU/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.200.231 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
231.200.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
match
ssp-sync.criteo.com/user-sync/ Frame 719E
Redirect Chain
  • https://us-east-sync.bidswitch.net/sync?ssp=criteo&dsp_id=250&imp=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54d10197-cb46-413a-91f9-8e6ea8d9de90&ssp=criteo&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594155179152629092&ssp=criteo&gdpr=&gdpr_consent=
  • https://ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
cache-control
no-store,max-age=0
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel

Redirect headers

Location
//ssp-sync.criteo.com/user-sync/match?p=&u=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
logo.png
d31otfhas71ais.cloudfront.net/images/BHMD/ Frame 719E 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d31otfhas71ais.cloudfront.net/images/BHMD/logo.png
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:ae00:6:1e88:a100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6a49dfb07bd4503e29f4e03a2de4dad88fec6dd04ecdca88978a64061f9624eb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 10:35:08 GMT
x-amz-version-id
null
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
last-modified
Mon, 29 Oct 2018 13:05:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
57315
etag
"c01834a9f71c30de91957c3a0c29b42e"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
10913
x-amz-cf-id
a8KdV6nXD4rhUzcr8XGBibqoZUwEJk9yzgN3dF3ItijQzM9sOZmPsQ==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Sep 2023 02:30:23 GMT
prebid
prebid.deepintent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 04 Sep 2023 02:30:23 GMT
server
a
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cdb
bidder.criteo.com/ Frame B3F9 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=32715773007&lsavail=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ad1874beae3e8188cf74302cd05ad8e6a09af063e1db72ccfe61bd03dd4252e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
pbjs
htlb.casalemedia.com/openrtb/ Frame B3F9 		36 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287cfca65aa6b410fe8adbd926fd13ab7daf4d58eb241229f020848f562e291

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IgGpV8ak0SsRNbMCQ2oZFm5s09Cz80sX1dOOUHeYVbAJBkBzdXhA2noAtqQ67%2FfkrfMwks%2B0H4kXzMy9V4G%2FAyCSRRB4BHWpHfpeQqHYXzQtJTRwLNVLSTDSqYXRf3zoHyT20g6p"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6a6cdc542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame B3F9 		36 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4287cfca65aa6b410fe8adbd926fd13ab7daf4d58eb241229f020848f562e291

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1v8qGRH5ONIeOz%2BEvHhU2nhTu4chFRxy9%2FKzwg2sr6UZ4Zc%2BL4rdBYe5Z0Y%2F5UsdNA6nh8FyZFmlkUXx%2FN%2Fecz%2F7ttarIjOpo6JihzTHOyvJhJE41FcYHdkYaXtXKNBXWBFRXECX"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6a6cde542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
translator
hbopenbid.pubmatic.com/ Frame B3F9 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		453 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=11db16b00b9147b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.024141642641945182
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
bc0e8bcc565697959dad9dafcb30e7579dfba7ab45657cc717d223f4ed9f9f36

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
453
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=12ed5fcafa53f6e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.6939374079437735
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1109a5cc1fba328fd1771f747f8016d6259f5ab27647f3ae72f7226d1066f412

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=1775444&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=13fc68bb9443b4f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.8786513020255953
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b93627015c8e3438c18d2665587b51ad87e533d2263d3fbe339d498b7c39c965

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=149da67d192209a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.2887070293695031
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f674fc1e2568cb5841f1eac4337b40539b93f6295c39f3ef435ed27c49e3ed3e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=156c7cb41b6484a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.3021868338614109
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7a413c02c8143abf1d8c5183b85c31491e75e80d981f501ac05cc14d78921a3a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		454 B
511 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=1688869cf2b85a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.09384943391011924
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f845b66c2137315f5b7bbb4376744b132bb288567a742bc498b5d6a6a8c455c2

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame B3F9 		454 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290538&size_id=15&alt_size_ids=16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=d3745cca-fc99-4b89-a611-63bee5576730&l_pb_bid_id=1702eacbcc2122f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0&slots=1&rand=0.8024738543688159
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3afee20f39f9b1207bfdb619b4804bc142622c0a6d62f739ca45fe18530b7d5b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
454
expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ Frame B3F9 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
90
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ Frame B3F9 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
505c012d-f7f3-4539-a7ea-f5b4743af34f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/universal/ Frame B3F9 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ Frame B3F9 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
prg.smartadserver.com/prebid/ Frame B3F9 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:22 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
unruly_prebid
targeting.unrulymedia.com/ Frame B3F9 		0
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame B3F9 		8 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&PageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&PageReferrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&CanonicalUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
ae878970a267feaed866c16cfe9d8b2fc7896eef8abd7033fcff0d65216e425d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
204
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
25
web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/ Frame B3F9 		186 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/cvx/client/hb/ortb/25
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1451:14::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
cde43191da9b04dbd6a0555041d65c1c2ad3b098179d4719759f08ab1e682da2

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
186
expires
0
bid
ap.lijit.com/rtb/ Frame B3F9 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.3
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e8f66125fd81f000f6336a38cfb50966fc1aeba124567f3c3be22394e127cdef

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cdb
bidder.criteo.com/ Frame B3F9 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=39815846955&lsavail=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
72d8b5c4f1207dc6ad940b3c3efbd2bf6ccbde34af6487c6e5c6fe4a2100176a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame B3F9 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:23 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
trinity.json
apex.go.sonobi.com/ Frame B3F9 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22510964a55c54657%22%3A%22cf97f45749c8ec53ac56%7C300x250%2C336x280%2C320x250%7Cgpid%3D%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%23div-gpt-ad-1513243389139-0%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&s=dd38bdeb-0410-4d29-a6c0-23501bd3dd4f&pv=e2ededdf-b3ac-4c3d-93c7-94840051d74a&vp=mobile&lib_name=prebid&lib_v=7.37.3&us=0&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_BbylgSbK%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22spotim.market%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220d352daf-04c4-4bf7-b665-23cc0cfe7134%22%2C%22atype%22%3A1%7D%5D%7D%5D&us_privacy=1---&coppa=0
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.32 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
1786068f0e4c45a2988c1b469255597cf1efa9f7a11ec63f1e528dd28c46d7eb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
1166
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
prebid-request
onetag-sys.com/ Frame B3F9 		15 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
/
ghb.adtelligent.com/v2/auction/ Frame B3F9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
47a7e50a0ade32c62c1191246890e4e10cebfb1d7a3051a021069d9a14ba1dbc

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:22 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
920
prebid
prebid.deepintent.com/ Frame B3F9 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
server
a
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
csyncs
ghb.spotim.market/ Frame B3F9 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137&aid4=767587&aid5=833229&aid6=839059
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
5f611571ce3c4e5f8cc5f8338ae26c5f4109e843a851c5dbcdf78713af1da472

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:22 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
739
headerstats
as-sec.casalemedia.com/ Frame CC71 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame CC71 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_XPragZHAUy_U5Lo09jmKja45feB32JmHlTa9YGJ56V5zpnGgiLHWjimFVmIREWNvxeGVp4MbF8PtZuROxzFZXuwxpkove4wvVJFiZSQ0FQALyrlZxfLyK9NQQlOIi9ik7_mbpxQEWGhwqLQQakj0W_3g8MNEDM72oXkn6d4y7USR19jNrTFuvZegWO__D9ZaxfQO97FCkvi-FoIwjZlooR2SnT2H1XIPpwDeSyXD5y5ucAXIW5ZnAnKv1SFBoGbTjbX45PBr5TNu8YFbUqcrboXD2opancl9pvSHRDluKsj3FmPJTLHwWfZxGf71_sGtzuL4TRnsPQ&sai=AMfl-YRS9itagpJFVWMkyh2OWKaRnywpFJqxS-bFxu4sjnISMtkiMYbMAaUU3toNOoyU2hVO3B2DpokO-N6qMtTgX7EBVw92RxaOc0XyZ2Tn8RtpQy0ly6KG7qDfHYmiXYBT1_gYKAfM06reBQm-FYu-MKo&sig=Cg0ArKJSzADf1hnaWi1EEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:23 GMT
headerstats
as-sec.casalemedia.com/ Frame A5BD 		0
0
config
c.amazon-adsystem.com/cdn/prod/ Frame B3F9 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:27:26 GMT
via
1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
14577
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
4BUCj2HfcPjbSmpMoNgLV7I25g_QBTnJA3D96AgGBscaN_-RoCVVrQ==
bid
aax.amazon-adsystem.com/e/dtb/ Frame B3F9 		107 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=Yd4otqOUP45sg&cb=0&ws=336x280&v=23.821.1806&t=1900&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1513243389139-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%2C%22320x250%22%5D%2C%22sn%22%3A%22%2F39694909%2C22607427172%2FDBV%2FDBV_Shefinds%22%7D%5D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8335281e77851300a650a519962ff48977aba1ca2280ef8abfe648d04c16ccc6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
H231MHTNZ7JH2KM4C1ET
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
107
x-amz-cf-id
uYYGT5nThYPaz-RZNVMNNTr61AOIjxxqzAawWsad8ky9B_L2NEe7RA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame B3F9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:23:19 GMT
x-amz-cf-pop
JFK50-P3
age
61625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
lruTT566IKkrjJx_wcoCjOG41WV8F2wG0UrkfG10hKj5VNqcaE0sug==
headerstats
as-sec.casalemedia.com/ Frame 6B4A 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6B4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_2n8C6yt9NM9D5F_l-AvTrItW_QpqRCF1CjHbNkwci8meLPBNGKyCZW3dUvMfu5_W4oElLG4fsyJ-OqHiRX6DnNzQquBfnHnDMikNx90n-sm_eJmxNMEOyWjtWttD1ng4sxdqdq1ZywmDSkDQYdkUDvH4xjflekYpbGNmqUt5zTcj4rpUlw0LPjikWckkdNFZK6iqCeOfuevz4NrK-DFK6yT7FHLAOr99YzSk6d1rMd-uVlNb9P_Kry64YQrqhHjm5SLMmnZhaFFbUWiSwor1KXl1fpF7rf7P1PrxY2q-atnhXAlQCnFAzOiiDXJx_JOsHVC6QTDDJw&sai=AMfl-YR0yaFW60lwSiHWbBDr8XlPFPylmYnvaJ4q6SVXuyDv-hlARauUIUD1ROhdtdmhdnXhNQPlXECAuraiD1cnAFlwpSdawI_R_pfy6OMV4mdFyfyK4kr3COOPEf8lEzYf9t6ixZRaXCIsKOSn2dZ63k4&sig=Cg0ArKJSzMV41KWXjPhUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:23 GMT
headerstats
as-sec.casalemedia.com/ Frame 379D 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 379D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcX5HVRk3O-I_SB54HzF5QKCgwdNJcgiblAFNFgysJCIeH9fGIxK_N5HfhWg0XjqWD34fj_QCQZsvFGj3FbCWNcbymnISojH5yx2mM3qWRVIMw0iANidBhpHYAbBl2SHML7FGaNCff61ZoWX_Id9fjTVgEieUzZJOCfepLs1uRxE_5HcuqVz39SDc14s2cq73Sya4868LIqACJWF6UPBDRv1NAGu7qlZk2Ak83RwQXH0mmCCK1cOymvcsz0T3_Y8gZcPYxYYalPy57bGwXiaQhvpKdUSmSp9gI3RGykXX2fVxHGdy4i_JFvn6M6KutSLlbBIWtQR0wmA&sai=AMfl-YQOrIm2lv_PVLPSBHYJTaZqBQRzOwemDnU4FIU4C9ec65RPPgblbnN-EPhKSBGCAQcd9SRQDJLGHwHSdILDibNhM-awtDxSMC-GZa1m-w9yuKYbGA4F7479gHOepv4sfN5G0Ofvk41eWwLMANLP1b0&sig=Cg0ArKJSzGRxDkQ9EXOVEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:23 GMT
usersync
usersync.gumgum.com/ Frame ABDE
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=1---
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=e41e7122-527b-422a-9179-0dca1a6ecede&ssp=gumgum2&expires=30&user_group=5&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame ABDE
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=127&gdpr=$GDPR_APPLIES&us_privacy=$CCPA&gdpr_consent=$CONSNT_STRING&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcentro%26uid%3D%7Bus...
  • https://sync.outbrain.com/cookie-sync?p=centro&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=centro&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Cache-Control
no-cache
X-TraceId
4a009ba71c3505fb25a7364b8e1a1cfa
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.outbrain.com/cookie-sync?p=centro&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usersync
usersync.gumgum.com/ Frame ABDE
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:23 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame ABDE
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:23 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame ABDE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Date
Mon, 04 Sep 2023 02:30:23 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame ABDE
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
date
Mon, 04 Sep 2023 02:30:22 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame ABDE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame ABDE 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=b&uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame D1D2 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:23:19 GMT
x-amz-cf-pop
JFK50-P3
age
61625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
JCTymOddX9sZelsE_aJhY2nKbUwJiRbwvLO8Yy_sjqRe83nSBudZHQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame D1D2 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:27:26 GMT
via
1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
14577
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
rVukTTpY4vvSwv54zzdmhA0I3NS2c9ecGDoCu4WsWcFGseQHKQfH1Q==
bid
aax.amazon-adsystem.com/e/dtb/ Frame D1D2 		107 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=0S88ESHPVWraj&cb=0&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22videoO1%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8335281e77851300a650a519962ff48977aba1ca2280ef8abfe648d04c16ccc6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
P7HGBBH28SC8B3EE3NHC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
107
x-amz-cf-id
J7uSxumWFi4rtaN3HufTzZO6oLJnesfQTsJVslS-B0IusPr-ag0A-A==
bid
aax.amazon-adsystem.com/e/dtb/ Frame D1D2 		142 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=0S88ESHPVWraj&cb=1&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22videoO1%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
91463f3143ac0c91af52387b9db4299fd177ace25f22d27350dee507ab654ee8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
B7HTT1ZCEBXZ38PFV26J
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
142
x-amz-cf-id
9vwpPuAxsZlpsakWBWz7Ng-95mFsqfaJipAIw5Fa8eYypCWFYSeaXQ==
cookiesyncendpoint
sync.aniview.com/ Frame 0639 		0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=1&key=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D1%26key%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
date
Mon, 04 Sep 2023 02:30:23 GMT
merge
ce.lijit.com/
Redirect Chain
  • https://tag.crsspxl.com/c.gif?t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D
  • https://tag.crsspxl.com/c.gif?cc=1&t=50288&r=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D5110%263pid%3D%5BUID%5D
  • https://ce.lijit.com/merge?pid=5110&3pid=4675803951937906561
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5110&3pid=4675803951937906561
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=5110&3pid=4675803951937906561
Date
Mon, 04 Sep 2023 02:30:23 GMT
Connection
close
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame A6F6 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157743&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=157743&gdpr=0&gdpr_consent=&us_privacy=1---&predirect=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fpubmatic%3Fchanneluid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:22 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame 6070 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:23 GMT
Expires
0
Pragma
no-cache
cookie_sync
prebid-server.rubiconproject.com/ Frame BDE9 		3 KB
923 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b89490183a20c6a3103c95e9e6c19ab00b940033e4113b2a49d79aceda1fd767

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
650
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame BDE9 		217 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
719bf23cac0305ab837ad8d99a3d5c38fc29fe180b62382087ce7c359bde646c

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
193
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame BDE9 		699 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&alt_size_ids=55%2C57&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C81752%2C116913%2C116916%2C128800%2C128890%2C157392%2C21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexbanner%2Fskm-ad-flexbanner&tk_flint=pbjs_lite_v7.40.0&x_source.tid=a82040e0-37bc-4e92-ad54-5fc75621afb3&l_pb_bid_id=491f37dc0c4039&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexbanner%2Fskm-ad-flexbanner&slots=1&rand=0.2777408298436834
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6dc55607cd6dc08631794234d249d9d7e6797ebceb7972e51769fd835be72500

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
699
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid
ap.lijit.com/rtb/ Frame BDE9 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
eb2ac69ae2707f6c71862add334e4147a7c94b7ba94641db4a3879e1963ebd59

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame BDE9 		36 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473696
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62f101f773aa6a4ef717deb3ac81476044dfb0587e4a3b17edb1d9e4b2204622

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c39tkKnB1bfVc3Z1QITn8oHw%2F5sxFRa5hI6by3zriqwToOS%2BSkl%2BnvCoBz9AWgtQolCQFzj3UdvVS6eiwQpDg6%2FPo5rkIDy%2FZ8JvueQ4P85YQgyV9nWtXo38G7nwk1ODsWuyzZeW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6d081d542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame BDE9 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
a16bf6d8-1634-408b-868c-0d251a4105ef
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1-...
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
cookie_sync
prebid-server.rubiconproject.com/ Frame CC71 		3 KB
912 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f8a4c2093f4f4d8efe044063279105517cda36cc947acce0f3180dd8455abaff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
639
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame CC71 		220 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
5823859b4794eedbd68ac927386d5268e71e49bef098c96a1e095ce8a41fd40e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
195
Expires
0
bid
ap.lijit.com/rtb/ Frame CC71 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a89998063052015a64f4570bbea9283c2c553981af67171722e4d025336eeaed

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CC71 		668 B
702 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C81752%2C116913%2C116916%2C128800%2C128890%2C157392%2C21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&tk_flint=pbjs_lite_v7.40.0&x_source.tid=ce196b84-39a1-4875-8274-9cbdff0ec256&l_pb_bid_id=6cf6f779f338c8&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fframe2%2Fskm-ad-frame2&slots=1&rand=0.4774351129228769
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
5b1dcfbd77fdd57a2d9a9f2e5b2e549a832375a35063054c8e0598a23ff8eeff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
668
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame CC71 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
bb7ae1a1-dd6e-4dd0-9616-b86550528260
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame CC71 		36 B
489 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473696
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388343c1d0006e06a77eedf5e2d6d9be56f331e6d990bc6ded21dd860f664caf

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kNqqXHZB6Us4M6%2BuYVpbL%2FOvz%2FK2KgryePC0nx%2B2TBHkBqxHK6JKA53D1zPCrmvuvw8V3JjtWUE1Bbek4l6F7R3zMPhdJA6qSdtrRAhgZYOe%2FQHpnQ5q1SXNvOJpoERwZqG0092"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6df940542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
cookie_sync
prebid-server.rubiconproject.com/ Frame A5BD 		3 KB
903 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
6a6745f887caaf797b5b7b5d39209bc3a37cf2bb8fa83ffbc004b05fbecdb260

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
630
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A5BD 		218 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
3bc3e6ebabb53cd8314564de6fbfca375f5d5a5662f88453cd2e750f2769c5d3

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
194
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame A5BD 		19 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
b2229c65-b7e5-449a-afcd-89c1caaa56c1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame A5BD 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
d94f3cf69ae36b742281a39dc28746a6f3c753bc62a62e599d7e81c08826d3c5

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
pbjs
htlb.casalemedia.com/openrtb/ Frame A5BD 		36 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473698
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bc89249d26ca4a4550d113a7fcc7a8da2e00b62ffa88f74a732212ca03c1279

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nN1facY3vLuBqqZ4eG85%2FqcFcgeKGce%2FB6pDiLSsCTEwPNkUnz80cwC1RDEjygELjL783mEoA1TC%2BgZ2kcG8%2FeBlYOOItwN1D8cojNBq4FsTPQv%2BsridtSl6N3WbLGKys2W%2BZOiv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6e1970542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame A5BD 		693 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&alt_size_ids=10&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C81752%2C116913%2C116916%2C128800%2C128890%2C157392%2C21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1&tk_flint=pbjs_lite_v7.40.0&x_source.tid=124de2ad-a4f8-4bff-ae30-0de217193071&l_pb_bid_id=12db436df010de5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-1&slots=1&rand=0.9867286609238692
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
59da6d677a17058b10d405d7af8fe3b938025b84fa251cd1f679c7d07182a7bb

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
693
expires
Wed, 17 Sep 1975 21:32:10 GMT
multitracking
ghb.spotim.market/adunit/ Frame 4798 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Mon, 04 Sep 2023 02:30:23 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
match
events-ssc.33across.com/ Frame A84A 		68 B
82 B 		Document
General
Check archive.org
Download Go to
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Mon, 04 Sep 2023 02:30:23 GMT
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame A5BD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWXdH4f46O-ywzZt5gL6IXN57-lHQcbL9YNOLVpJpT2p1l1M05RKgOwNxPAIJAGYQQ7ctLYCCcUKeAIwTsrob-C_CsoLQy_6CGhxj600mnAgbSMwVprbWa95Ywsw7K&sig=Cg0ArKJSzJ1EFp8zuij5EAE&id=lidar2&mcvt=2024&p=991,980,1241,1280&mtos=0,2024,2024,2024,2024&tos=0,2024,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0.84&vu=1&app=0&itpl=19&adk=834674590&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693794614260&rpt=7406&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_sync
prebid-server.rubiconproject.com/ Frame 6B4A 		3 KB
927 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
f96c418cb67a96b7001341c3afd18f4ff470a1b53b1788c4f406468c1c9eb9e1

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
654
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 6B4A 		219 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ffee138fd5ac29ce5df591e6a0f66d2026c780ba51f7da9ac8d1e7b22117d5a5

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
192
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame 6B4A 		36 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473698
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f95bc39378ffc11b03d19f826dafc6b6edd5de8b7deb22e22a5315d9dfc6d41

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Nc0fSonbChXlzLrdEy1UnoKRjOjBgwk%2Fq33McnNkgP6d4xT7qe7CG%2FjYzJPYx2rR0cq6sRLuCz1WERUDaXN3%2FucpExG2fn8PWD9LG3ZWATQSeSzGkc%2BBUhcYb91AJW7Vfux57tL"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6e59c2542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 6B4A 		701 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&alt_size_ids=10&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C81752%2C116913%2C116916%2C128800%2C128890%2C157392%2C21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-rightrail&tk_flint=pbjs_lite_v7.40.0&x_source.tid=6ee71988-ac32-4031-90cc-a099d50e69a3&l_pb_bid_id=78a3fcf67dbeb5&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fflexrec%2Fskm-ad-flexrec-rightrail&slots=1&rand=0.7105765755062314
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
473d8ef5df4eb09820629e5f7fd9d8b0da99636558a99319b026bf13f622a5bc

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
701
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 6B4A 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
58aa2e1b-1648-4cd2-99be-38616416b203
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame 6B4A 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
69a84159c783a69418259ac545e234d7d38e56e65df2d42a23b90e995a094c0c

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
cookie_sync
prebid-server.rubiconproject.com/ Frame 379D 		3 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a27cb37cbd0004821affaf75f4349e9ce6686b587c9bf8c6fa1a3485e7bea4a0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
587
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 379D 		217 B
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
394060c982063d0e9aeacaf816b921fab867f9cb82dc96032b3be845e46de971

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
193
Expires
0
bid
ap.lijit.com/rtb/ Frame 379D 		23 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
fafcb93c31874d92a0466689079ae6a65b56864516d7560070007b3ec1210c1b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:23 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
23
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 379D 		672 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=15&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C81752%2C116913%2C116916%2C128800%2C128890%2C157392%2C21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fmedrec%2Fskm-ad-medrec-03&tk_flint=pbjs_lite_v7.40.0&x_source.tid=cfa84144-f26e-4fc4-a000-692ff28dcbc0&l_pb_bid_id=6c565385daa0b7&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fmedrec%2Fskm-ad-medrec-03&slots=1&rand=0.9338563784088403
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9e4d956d497171b7f04076819c0b18845258bbd544af0bcb3c967f5b1d2a3b5e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
672
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame 379D 		36 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473698
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b9c4daf85b4238b862e78ce4482e15f0d11c45b7b7e28ce5a4e198bb683e2c7

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bwrf%2F3Oo2AmBGNbGQ8vXC8ztUdHLnRO1kpF81m9rwJ7j1XmjiAigN2ig2qJy8%2F8qqfOJvR0%2FiGWgZlxD3lJKs7nm%2FYrAHHlOb%2BYHt9hqjvOQPYQ0CjtN9i5Zi1RuZAI%2FKItjh4bT"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf6e8a31542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
prebid
ib.adnxs.com/ut/v3/ Frame 379D 		19 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
an-x-request-uuid
48ed1894-97d6-4609-8fd6-bb83c088b63e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 4EB6
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=1---
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:23 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 40DA
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:23 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:23 GMT Mon, 04 Sep 2023 02:30:23 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 60CA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:23 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:23 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame 85EE 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 77A5 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101344
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:23 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
hb_307825_11600.js
player.adtelligent.com/prebidlink/ex19604/ Frame 7923 		920 B
785 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19604/hb_307825_11600.js
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19604/hbw_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
91605739a2dfb9746ad599e1d4e88499641083f2fbd8017262853b605b3becc3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:23 GMT
date
Mon, 04 Sep 2023 02:30:23 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 10:58:33 GMT
server
nginx
etag
W/"64f1c3d9-398"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 0B7D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 16fbe6f2baa3fcc1563be742e6d45f20.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:23:19 GMT
x-amz-cf-pop
JFK50-P3
age
61625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
wlgI0ry2_DuH78-1V08G3nBPPAKEK2sYPlfc7azhRRVh0EEFPgqZqA==
config
c.amazon-adsystem.com/cdn/prod/ Frame 0B7D 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.shefinds.com&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:27:26 GMT
via
1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
14577
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
5219
x-amz-cf-id
RWZf9_8wj56IVayHRLdAa8Q5WWKV7I2GgJ4BQf0wxloT_EMcTVMq9Q==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 0B7D 		107 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=s27cdvoou2Who&cb=0&ws=1600x1200&v=23.821.1806&t=8000&slots=%5B%7B%22id%22%3A%22videoO1%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&pubid=9eaf46de-e1bd-41c9-8a11-f5862f62cd8e&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
8335281e77851300a650a519962ff48977aba1ca2280ef8abfe648d04c16ccc6
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
3H85RJPE3174JFSFPPS3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
107
x-amz-cf-id
fEtzmC2zxQToUVtQ4Pl8maNvnrVMzRp4yWh8-860fbRehOdrY1LZhA==
hb_307825_11596.js
player.adtelligent.com/prebidlink/ex19604/ Frame 8419 		920 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19604/hb_307825_11596.js
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19604/hbw_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bdfd00f7b41a504579b6f10fe781557c69bb449f1d924aecfd6467d878892106

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:23 GMT
date
Mon, 04 Sep 2023 02:30:23 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 10:58:33 GMT
server
nginx
etag
W/"64f1c3d9-398"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ff061bdb-df71-a3df-20c9-b0ff12d77dda&tv=%7Bc:naA6Dw,pingTime:5,time:6616,type:p,clog:%5B%7Bpiv:84,vs:i,r:,w:300,h:250,t:963%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6616,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:963,wc:0.0.1600.1200,ac:980.991.300.250,am:i,cc:980.991.300.250,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5669~75%5D,as:%5B5669~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1941,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j*.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:963,sis:1846%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA6Dz,pingTime:5,time:6656,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:6656,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5973~100%5D,as:%5B5973~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1954,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i*.930203%7C1i1%7C1j.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u,idMap:1i*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956,sis:1882%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
truncated
/ Frame E9D4 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09e7f808dd13839b3f0c258b8f08036e01a78e1d054d6ab21e38577e089d2a0c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
35.ffa44917a77d7f8b045a.js
ads.blogherads.com/static/chunks/ Frame AF10 		1 KB
854 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/35.ffa44917a77d7f8b045a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
W1HFRKKZH9Q2N8T5
age
1800
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
4dve68o5NOLtyAt0DUY3r2o9iwgMtLoBgfw10TpNFt3nTX8pgqSb0J31hPovm0tCyu6UobxBuKY=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794624.841238,VS0,VE0
etag
W/"9a805af25f2863ad614644ba47504a2b"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
161
boomerang.json
ads.blogherads.com/bh/41/412/412983/2498530/ Frame AF10 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/bh/41/412/412983/2498530/boomerang.json
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:23 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
M76AEQMX31PM26G3
age
1583
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
8F0CLVTz/7UOJ9n8lrHBYnmi1jVWfJdG55RKHpSfjnNzVMzIu8+9S9XiPNCeADSfu8Ewvp6zDSc=
x-served-by
cache-yyz4546-YYZ
last-modified
Wed, 30 Aug 2023 01:59:18 GMT
x-timer
S1693794624.885355,VS0,VE0
etag
W/"7e6b29f049e57c8b16f38618e130c93c"
vary
accept-encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
2
truncated
/ Frame AF10 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
882f6374dd8ce09f54bb8b910320b08eb423e869e148dd1bd063f00ed68d139b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 719E 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1ca96e701b29847bcfdc7862e1d5db6a9f99854bbc397d3a0932548aa4a6e19

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
activeview
pagead2.googlesyndication.com/pcs/ Frame BDE9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvu7qwP-Ek9SekJevkHapSL9cLv317BP7WOgcvCRuVDVnOxC4XateR9l-hPly98m-lHRQsyFvczIbpuCk1WhLQ9CcWwzhpgewV_1Mu6faM9cwg47EQznt1fYw1_mtbQ&sig=Cg0ArKJSzHPWjKXPuJXlEAE&id=lidar2&mcvt=1723&p=235,320,485,1290&mtos=1723,1723,1723,1723,1723&tos=1723,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=912865269&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693794614138&rpt=8098&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame E37F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
7a90ab9754bf4255790a397020c905838fabbc70b79a9b31660862a4f411ae14

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1907
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:24 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
cookiesyncendpoint
sync.aniview.com/ Frame 4F6C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17184&khaos=LM49KSCX-B-B1NA
  • https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LM49KSCX-B-B1NA
0
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Protocol
H2
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aniview.com/cookiesyncendpoint?biddername=5&auid=&key=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
sync.1rx.io/usersync3/centro/2064/ Frame CC71
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=687449420
  • https://sync.1rx.io/usersync3/centro/2064/114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553?zcc=0&sspret=1&rndcb=687449420
43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/centro/2064/114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553?zcc=0&sspret=1&rndcb=687449420
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.1rx.io/usersync3/centro/2064/114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553?zcc=0&sspret=1&rndcb=687449420
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame B3BE 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
a27370277243984870dfc67b36f3f2bb299738ec7d0b4ab2e4b447f23e612ec4

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2025
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:24 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
ghb.adtelligent.com/geo/ Frame 7923 		158 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19604/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.nodserving.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.adtelligent.com/adunit/ Frame 7923 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11600&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=49l44m.to&features=16416&vpbv=N169&lifecycle_tte=4541
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19604/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.nodserving.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794624230&_fw_bidfloor=7&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-207752980&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=400x300&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
x-sticky-debug
Request blocked, limitation reached
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=25931234&componentId=prebid&componentSubId=mustang&timestamp=1693794624233&_fw_bidfloor=15&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-690414322&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=400x300&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794624229089-312
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794624234&_fw_bidfloor=7.5&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-207752976&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=400x300&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
nnCoection
close
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
x-sticky-vk
1693794624235073-265
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2932ddd53af18c70582106a88d2b198a867c4e61aeef769660429dfd18dcb3ec

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=roNJUZYyVubTvMa3wKkPoxZlTb4YO4U%2B%2FzcJZ8X5pPtVOam6Yt75qZ2q7U1O7t8avm4bebfha0GoIXbIZuu6DK1u7EPGo78k0nLpo6sp0c2qKgbYb1dDb7G%2BgiMzTQTg4Jk9Wgwl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf718e35542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
tag
p4dt2-980w2.ads.tremorhub.com/ad/
Redirect Chain
  • https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4d...
  • https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4d...
55 B
631 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&transactionId=465b3cf2-6353-4bdf-af55-4867d1915837&floor=USD:2&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&us_privacy=1---&hb=1&fmt=json&_tur=T
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2600:1f18:612b:4232:a50d:a252:f0a2:d6f2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a9df5157dca26c2b514915e3b098e65cbd91132f736c32ed47aeb50626e02c14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.shefinds.com
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD

Redirect headers

location
https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&transactionId=465b3cf2-6353-4bdf-af55-4867d1915837&floor=USD:2&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&us_privacy=1---&hb=1&fmt=json&_tur=T
access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:24 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
prebid
ib.adnxs.com/ut/v3/ 		139 B
815 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
dd163de50ee962fc9ae4fc57ec20ec75d7c80a9191ad21029ac4ed3e0d8d6472
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
an-x-request-uuid
b2eda25e-9bfb-4d78-969a-5b8b11bc7554
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cm
u.openx.net/w/1.0/ Frame DB7A 		926 B
583 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7ba87d50b2559c604f49cdd54af373f2a9f032f8c7c4ee3358a32797e7610ca7

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
564
content-type
text/html
date
Mon, 04 Sep 2023 02:30:24 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
ghb.adtelligent.com/geo/ Frame 8419 		158 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19604/hbw_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.medocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.adtelligent.com/adunit/ Frame 8419 		43 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11596&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=49l459.9s&features=16416&vpbv=N169&lifecycle_tte=4640
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19604/hbw_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.medocdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
usersync.php
ssp.api.tappx.com/cs/ Frame 8321 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cd9328d4bb26950bb9f78d64c39f7ba35c36c4273d896ae93efa2d560411cf9d

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:24 GMT
server
nginx
transfer-encoding
chunked
float-and-scroll-chunk.6fa48da8dfa673bb496a.js
ads.blogherads.com/static/chunks/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/float-and-scroll-chunk.6fa48da8dfa673bb496a.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9163a9e397d818cd252d74c78be9e5a8dde68c72cabde38dd2a8c47c8c611f59

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9ZN253KP2RRFK5N4
age
1800
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
OZGEgt3oA3SZ5jfEYFX+JtTg+BD/VHgzFCRiq6gvNR3BNJ3BgEaMwui087UKUasnJO6nKsvipiU=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794624.292060,VS0,VE0
etag
W/"1cafd6c3703201b55df7d845c4f674eb"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
43
usync.js
eus.rubiconproject.com/ Frame 60CA 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57916
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
g.png
hash.qualia.id/
Redirect Chain
  • https://sync.graph.bluecava.com/ds.png?p=95b767e8-0bec-4fdb-a4d3-bc8ce01a08cd&segment=66afeee89497e411a7020050569b1b56&uid=HQzWZQZHTprevADoQOeL11M1&sovrnrnd=72447
  • https://hash.qualia.id/g.png?p=9a5f7968-45f9-4b4c-bbd7-0edcc749a1c3&rid=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&did=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&chained=true
95 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hash.qualia.id/g.png?p=9a5f7968-45f9-4b4c-bbd7-0edcc749a1c3&rid=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&did=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&chained=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
35.201.111.96 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
96.111.201.35.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 google
server
fasthttp
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 google
p3p
CP="NON DSP LAW PSAo PSDo IVAo IVDo OTPo OUR SAMo BUS UNI PRE"
access-control-allow-origin
*
location
//hash.qualia.id/g.png?p=9a5f7968-45f9-4b4c-bbd7-0edcc749a1c3&rid=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&did=460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3&chained=true
content-type
image/png
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA6LE,pingTime:5,time:7217,type:p,im:%7BpLoad:5137%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:7217,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5852~100%5D,as:%5B5852~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:1999,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384,sis:2133%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
isyn
prebid.a-mo.net/ Frame 7CFF 		161 B
217 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
a5ad6940a6a0850d71781ca95d3af5960c6af7432250ae9694cdb319426aef48

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:23 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
csync
sync.spotim.market/ Frame B1D0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:24 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ad057982-c0d5-4598-8b45-cfc902fc2f11
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:24 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
csync
sync.spotim.market/ Frame 6A0E
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:24 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:24 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
X-Sovrn-Pod
ad_ap7ewr1
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8B39 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101343
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:24 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 1D42 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
f06c36728aa3d48f164f74e52462612eb7597d0ca73153bb5858ca9a956fa987
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
917
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csync
sync.spotim.market/ Frame 4798
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:23 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame 4798
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent}
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2069.55%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7734936428
  • https://sync.1rx.io/usersync3/centro/2069.55/114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553?zcc=0&sspret=1&rndcb=7734936428
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-b3fc7ddc-d062-4187-8251-0...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
csync
sync.spotim.market/ Frame 4798
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 4798
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Adtelligent
Etag
8c142d02c463c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
0
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 4798 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0
csync
sync.spotim.market/ Frame 4798
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=wldemn0V
  • https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
date
Mon, 04 Sep 2023 02:30:24 GMT
content-length
0
tag
btloader.com/ Frame 4798
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f5b66f3317536959df19e1c60ef98527b740332b8bc5a9307810c92d77e3dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
843
etag
W/"f189b32857eb088085866e91a3cce2a1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQG4vQoW5HwVq%2FPFB%2FSz8fDF%2BEqcQnWwmD1%2BOC%2FOMyDB0omLeAZTTPk6RmJgOKNw7OZ8qlxT%2FucPWUH6MC3IJc1eEHz202MUGpJidNQq25G%2FvBvw0PtkcT7ovnZBp4kFK4pjgNA3KTY2Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
8012cf7ef8944bd5-BUF

Redirect headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
842
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQIHxYbQmKMfvLD8hZyI9PwHPBR79hxzGmKtf8Ha6ujDE%2BRzjrmJUnjxPCyNDLS5LeLodHFDKha15WbH%2FfYIwqgXIP33IbgwzJOxEIxqLxcmRfw9SAJrFIHRddwEmWaa6aW1XolzHq%2B%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=shefinds.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
8012cf7c08654bd5-BUF
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 4798 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 04 Sep 2023 02:45:24 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame 4798 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
53715
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
a3URhyvTMVWhhY7_OSTeTJ9m2YHO59a1XuSKRvfGRt-GWdo4zUHaFg==
ima.js
cdn-ima.33across.com/ Frame 4798 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:36 GMT
server
cloudflare
age
294953
etag
W/"64cd45ac-60bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8012cf77ecf1a1f6-YYZ
expires
Thu, 07 Sep 2023 02:30:25 GMT
hadron.js
cdn.hadronid.net/ Frame 4798 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&_it=amazon&partner_id=471
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
1797
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012cf72dcc04bcc-BUF
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame 4798 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
NZGZF22DA6X55N2Z
age
2080
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012cf72d9354bcd-BUF
x-amz-id-2
9ODLf4FiT/PvJBsNSuNeBWOIUC7gfUfoqt13l19MRSVAGmrRdWiwS7SqLIJ07AWWdi+jk5XW3ea5Hw3dJfzUpA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 4798 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 04 Sep 2023 02:45:24 GMT
main.19.8.439.js
static.adsafeprotected.com/ Frame FEA2 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
0IK9rR3ooHTj7RY52w8o06k7bpAC4saC098_KKv9SHbX9k74P_Y3kQ==
main.19.8.439.js
static.adsafeprotected.com/ Frame DD91 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.439.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Wed, 09 Aug 2023 13:44:02 GMT
x-amz-version-id
jxULgCd28jZVPRI.j5D8yH73I4fVMdj5
content-encoding
gzip
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
2205983
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 08 Aug 2023 19:01:42 GMT
server
AmazonS3
etag
W/"f00fcc2e1b804b8a3edfbb8cb19bddaa"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
EYdJk8yfm0X2RZ_qcdR44I8koo40_3oB9C3OjbTR0R4ra_vRCLG8OA==
crum
dsum-sec.casalemedia.com/ Frame E37F
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=282302acab169b2a8066fc4260fc6f15
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=282302acab169b2a8066fc4260fc6f15
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=282302acab169b2a8066fc4260fc6f15
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame E37F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
3784
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012cf736cc54bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E37F
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25CCOFUEO...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=tBqhGL_SEgdE6TJQpXUm
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=tBqhGL_SEgdE6TJQpXUm
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=tBqhGL_SEgdE6TJQpXUm
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E37F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P6P1QDHS1GWCCK4HH0HE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame E37F 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-05fd1c600.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
p/jEKPDoR/w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ium
dsum-sec.casalemedia.com/ Frame E37F
Redirect Chain
  • https://id.rlcdn.com/711587.gif
  • https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/ium?sourceid=3&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E37F 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
setuid
prebid-server.rubiconproject.com/ Frame E37F 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
csync
sync.spotim.market/ Frame B3F9
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&gdpr={gdpr}&gdpr_consent={gdpr_consent}&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D%26gdpr%3D...
  • https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.spotim.market/csync?t=a&ep=309017&extuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
csync
sync.spotim.market/ Frame B3F9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=openweb&gdpr={gdpr}&gdpr_consent={gdpr_consent}
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.55%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=111326026
  • https://sync.1rx.io/usersync3/appnexus/2069.55/2535980227366638075?zcc=0&sspret=1&rndcb=111326026
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D708476%26extuid%3DRX-b3fc7ddc-d062-4187-8251-0...
  • https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.spotim.market/csync?t=a&ep=708476&extuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
csync
sync.spotim.market/ Frame 610E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:24 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
41763eb4-61c5-4a21-b664-f1f1d41fdc6e
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:24 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
csync
sync.spotim.market/ Frame 2AF4
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:24 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:24 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
X-Sovrn-Pod
ad_ap7ewr1
csync
sync.adtelligent.com/ Frame B3F9
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Adtelligent
Etag
8c142d02c463c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
0
Expires
0
/
onetag-sys.com/usync/ Frame CF70 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
0dd1328f4a947ccb9155dff862e0884a7cf2683ef1aebd18252e1f76127e6bdc
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
917
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
isyn
prebid.a-mo.net/ Frame EA4B 		161 B
175 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
a5ad6940a6a0850d71781ca95d3af5960c6af7432250ae9694cdb319426aef48

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:23 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
csync
sync.spotim.market/ Frame B3F9
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D733068%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.spotim.market/csync?t=a&ep=733068&extuid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usermatchredir
ssum-sec.casalemedia.com/ Frame B3F9 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0
csync
sync.spotim.market/ Frame B3F9
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=wldemn0V
  • https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.spotim.market/csync?t=a&ep=748543&extuid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0&gdpr=%7BGDPR%7D&gdpr_consent=%7BGDPR_CONSENT_80%7D
date
Mon, 04 Sep 2023 02:30:24 GMT
content-length
0
tag
btloader.com/ Frame B3F9
Redirect Chain
  • https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
  • https://btloader.com/tag?aax_id=AAX413QP4&domain=www.shefinds.com&ver=1.2&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=www.shefinds.com&upapi=true
  • https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5080945107927040&domain=shefinds.com&upapi=true
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f5b66f3317536959df19e1c60ef98527b740332b8bc5a9307810c92d77e3dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:13:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
843
etag
W/"f189b32857eb088085866e91a3cce2a1"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UruE8Ur1yeHSoD%2F8q5hJNgmwYXnTVLmZlcCzP1LsCxcYSizvxCta7UisMHwAI0kLXywhLcRbI75Jxa0n5EPNN0%2FqyavN1LW03UezGx7pXj4fCOYVwxLwBY9x6H1Il98Y2%2BgLvoJn%2FDJ4LA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
8012cf8118a74bd5-BUF

Redirect headers

date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
843
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=djkGqHgc%2BBfCThVgIFIznB2mmfK5rDnkH%2FkXw5JmaZgLN48FPzGjPwxUHI4Zh%2F7byplvzcKpFQpFy9fSMJEqkcGerKjBzxjmYaYFeygKeH0dUsD8R9cxb9qwrGGFqnaSE3diegwV%2BMXlMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5080945107927040&domain=shefinds.com&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
8012cf7ea8784bd5-BUF
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame B3F9 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 04 Sep 2023 02:45:24 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame B3F9 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
53715
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
TKI69gZclG-iJT0o5QslNrrpbj91Ap6Pj2CH4UeR_V2UiOps-_ksfA==
ima.js
cdn-ima.33across.com/ Frame B3F9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ima.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.152.89 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 04 Aug 2023 18:38:36 GMT
server
cloudflare
age
294953
etag
W/"64cd45ac-60bb"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
8012cf791e3ea1f6-YYZ
expires
Thu, 07 Sep 2023 02:30:25 GMT
hadron.js
cdn.hadronid.net/ Frame B3F9 		55 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&_it=amazon&partner_id=471
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
1797
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012cf738cc84bcc-BUF
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame B3F9 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
NZGZF22DA6X55N2Z
age
2080
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012cf73893f4bcd-BUF
x-amz-id-2
9ODLf4FiT/PvJBsNSuNeBWOIUC7gfUfoqt13l19MRSVAGmrRdWiwS7SqLIJ07AWWdi+jk5XW3ea5Hw3dJfzUpA==
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame B3F9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 04 Sep 2023 02:45:24 GMT
multitracking
ghb.spotim.market/adunit/ Frame B3F9 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Mon, 04 Sep 2023 02:30:24 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
rum
dsum-sec.casalemedia.com/ Frame B3BE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Date
Mon, 04 Sep 2023 02:30:24 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
crum
dsum-sec.casalemedia.com/ Frame B3BE
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame B3BE
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=xpnh5uy0e112
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=xpnh5uy0e112
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

lws
224
date
Mon, 04 Sep 2023 02:30:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
accept-encoding
utf-8
time-ms
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=205&external_user_id=xpnh5uy0e112
cache-control
no-cache, no-store
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B3BE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
764
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012cf75ccd34bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame B3BE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8CHPSNWQBR1651T86W4Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B3BE
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame B3BE 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-0f9660165.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
2pOu2yp9RF4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
user-registering
ads.stickyadstv.com/ Frame B3BE
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
0
0
setuid
prebid-server.rubiconproject.com/ Frame B3BE 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-be146c-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/vendors-node_modules_spotim_notifications-bell_dist_notifications-bell_js-node_modules_spotim-be146c-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b758a777aceb46ebbd79d05ec54618696182e0b29dd7dc679e0403f085cbcd4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:17:29 GMT
content-encoding
br
via
1.1 a3cc1cfce2f0f18de36e3834e18556b8.cloudfront.net (CloudFront)
x-amz-version-id
_DRzh5onPcankJ9iwzZSEJhOCrdQ.OJG
x-amz-cf-pop
JFK52-P1
age
1185176
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
6802
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"2a2ba2dce746d63e4c2ae22fe4d9e875"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
CA6m5-zb0uqWDmiyb7WBu0tq79WARa0kiZHNFXv7v8YP-aE3HKhLfg==
conversation-component-bundle.js
static-cdn.spot.im/production/conversation/tags/v3.83.12/ 		116 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/conversation/tags/v3.83.12/conversation-component-bundle.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d45078a116638574e085806e50bed6d3c6976b816ba3031a3b427615eb5992f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 09:17:29 GMT
content-encoding
br
via
1.1 a3cc1cfce2f0f18de36e3834e18556b8.cloudfront.net (CloudFront)
x-amz-version-id
X5PZo5Bub1lbMv47I2Sjr6SAASjIeyq9
x-amz-cf-pop
JFK52-P1
age
1185176
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
31136
last-modified
Mon, 21 Aug 2023 09:12:06 GMT
server
AmazonS3
etag
"fc3ebd91a15cd83f1c92e140ee6bf856"
vary
Origin
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
dgyFpbGFxqcK-VSZQcGO4Nlo9TS9kZvAlXqZPWYw9Ho2M51cq_uA9A==
ads.css
static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.css
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94be8fe6d8e61460a6f3ef1f0d3db8853864b5c9a3c22fecb2b32472c1325fd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
tGjio8bXwcB5IW32rYNy29iYykAc0e1r
content-encoding
br
via
1.1 a3cc1cfce2f0f18de36e3834e18556b8.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 08:02:01 GMT
last-modified
Fri, 25 Aug 2023 08:28:48 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
66503
x-amz-server-side-encryption
AES256
etag
W/"f571d34e45f8fa112229e497c8686168"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
x-amz-replication-status
COMPLETED
x-amz-cf-id
SdGoD682CfPDgXU5ca5jQci_4aWTfSqhA_-9Y80L3bjvfKFMIJBF2A==
csync
sync.spotim.market/ Frame CA2D 		43 B
469 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=448580&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D448580%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:24 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent
activeview
pagead2.googlesyndication.com/pcs/ Frame CC71 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCQ6lVvln463QEWO8kIcXlBHO7llEi8wS3167PHtqmQrGFnbWi_Js9oruVfEiGq5qucQ3irhgzWE_PO8XDSuXQ-5ylX7zCY7JFFniCDb9ZM9mCFr7bd-J9mvc2yV72&sig=Cg0ArKJSzI4vhb0WsPT_EAE&id=lidar2&mcvt=1477&p=1101,436,1191,1164&mtos=1477,1477,1477,1477,1477&tos=1477,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1151207275&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693794614200&rpt=8937&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		138 B
814 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bc31b9b025827153b089db7a3fbe7ce7573c2659789b5cc03e26c4db75ad9d26
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
an-x-request-uuid
881b8328-0fb5-4515-bab6-bc4a30f87b8c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794624655&_fw_bidfloor=7.5&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-207749069&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=400x300&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794624673007-323
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		0
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794624656&_fw_bidfloor=7&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-207749068&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=400x300&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
x-sticky-debug
Request blocked, limitation reached
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e126f5d62d08306cb1b2f1b79e834f075abe3241f86cc1606435ad53c8af1d2

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alzBHBySUIlXeRzwgXGSV0h2JbGJV0IgfrpunR6pcIll5PaCBuMWyBv6KMhavjXKUnescXxod3f7kknIFqIBtApspDVmD2%2BGQrxB5%2B8BPcODoq2T97oEdyq8CQUjow9SOozrKtjP"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf74296e542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
tag
p4dt2-980w2.ads.tremorhub.com/ad/ 		55 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p4dt2-980w2.ads.tremorhub.com/ad/tag?adCode=p4dt2-ug5of&playerWidth=400&playerHeight=300&srcPageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&supplyCode=p4dt2-980w2&mediaId=VideoId&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&transactionId=64a62983-eb29-4369-b6e3-58c080ec0a59&floor=USD:2&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&us_privacy=1---&hb=1&fmt=json
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:a50d:a252:f0a2:d6f2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b9ef6b93b933f351d6260ea0b61c8d4e15cad49611918012783162d31113573d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.shefinds.com
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
225a5216b8cb1515c5e2c41d82ae98e596e9589bac7d044808d6c75fa74a4087

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsFBpopoQ36uTZQkoFphPheeI9tsiIKgtItwOt8e77AcGcznI7b8qLGO32obrI6u1ovgKNYHigjDURRNv8FnASHevgouX794STZS8YB5RDU8UBq%2F1pA4WKaPMz9J2lkco4lfUOeO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf742975542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=25931234&componentId=prebid&componentSubId=mustang&timestamp=1693794624659&_fw_bidfloor=15&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-690410410&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=400x300&video_context=outstream&video_placement=3&video_plcmt=4
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794624677010-140
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 4798 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:24 GMT
setuid
prebid-server.rubiconproject.com/ Frame DB7A 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
receive
pixel.tapad.com/idsync/ex/ Frame DB7A 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=807b31b8-f16a-08a2-12ba-fa1893bbbce7
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame DB7A 		0
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=a8c1c1cd-7207-0f6c-0b7c-a3c437948982
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame DB7A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=d3c33d22-672a-0345-0722-e23d99ac1c33
  • https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=032c78c2576f980deb89ab8b3334f44a1de58bbb8cf082292dbbcdc65b54d5d5c0cb235b3774c97e&cb=02232696
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=032c78c2576f980deb89ab8b3334f44a1de58bbb8cf082292dbbcdc65b54d5d5c0cb235b3774c97e&cb=02232696
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
M9YPV7PQKVJ870Y3Z54X
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://s.amazon-adsystem.com/dcm?pid=1f9f6bba-5ede-4cb5-997f-f0d0b894f672&id=032c78c2576f980deb89ab8b3334f44a1de58bbb8cf082292dbbcdc65b54d5d5c0cb235b3774c97e&cb=02232696
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame DB7A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=2535980227366638075
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2535980227366638075
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
an-x-request-uuid
6286b5e0-9cb5-4bbc-8f5c-295897b0106f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame DB7A
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=1---
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3723847017943428256&gdpr=0&gdpr_consent=&us_privacy=1---
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame DB7A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPVBNgANs6j7wQAb
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPVBNgANs6j7wQAb
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4578-YYZ
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693794625.094237,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZPVBNgANs6j7wQAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
iu3
s.amazon-adsystem.com/ Frame DE9E 		277 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
61d2347d34e408afb8e843ad9b457fc586e17a278cf4d15db752ecae5bf6aae9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
277
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
84H6X1WJE3AA2R6A6D8Y
csync
sync.spotim.market/ Frame 7CFF 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 7CFF 		32 B
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 2c00b6f1d42245c6c3867cc4dfa7f32e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
BOS50-C3
age
423
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
8012cf74cf9b4bcf-BUF
x-amz-cf-id
UzbCBp9a0d8T4M4WiOFJifbWtLbs0bh-eLIhcPOkwtzMWDa_bBa6_w==
expires
Mon, 04 Sep 2023 03:30:24 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:26 GMT
content-length
0
vary
Origin
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D32%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=2535980227366638075&auxuid=
0
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=2535980227366638075&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:24 GMT
an-x-request-uuid
827d964e-ff5d-4d02-b7f5-f0d4999b97c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ssp.api.tappx.com/cs/usync?idmn=32&type=iframe&id=2535980227366638075&auxuid=
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 8321 		0
0
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D45%26type%3Diframe%26id%3D%5Bsas_uid%5D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=990277896830277133&auxuid=
0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=990277896830277133&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=45&type=iframe&id=990277896830277133&auxuid=
date
Mon, 04 Sep 2023 02:30:24 GMT
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=skJudSCZ30&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D108%26type%3Diframe%26id%3D%5BPDID%5D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=3cef9c40-0887-435c-b965-1zz1693794609&auxuid=
0
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=3cef9c40-0887-435c-b965-1zz1693794609&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=108&type=iframe&id=3cef9c40-0887-435c-b965-1zz1693794609&auxuid=
date
Mon, 04 Sep 2023 02:30:16 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
content-type
text/html; charset=UTF-8
2535980227366638075
sync.1rx.io/usersync3/appnexus/2064/ Frame 8321
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2064%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=8882392915
  • https://sync.1rx.io/usersync3/appnexus/2064/2535980227366638075?zcc=0&sspret=1&rndcb=8882392915
43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/appnexus/2064/2535980227366638075?zcc=0&sspret=1&rndcb=8882392915
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
Tengine
Connection
keep-alive
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
an-x-request-uuid
43e7c982-e97b-45aa-8b60-69fe6e14a6bd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.1rx.io/usersync3/appnexus/2064/2535980227366638075?zcc=0&sspret=1&rndcb=8882392915
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=49574e61&gdpr=&gdpr_consent=&tappx=1
  • https://ssp.api.tappx.com/cs/usync?idmn=80&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
0
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=80&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=80&id=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
date
Mon, 04 Sep 2023 02:30:25 GMT
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D28%26type%3Diframe%26id%3D%24UID%26auxuid%3D&gdpr=&gdpr_consent=
  • https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=4187545677285024608258&auxuid=
0
429 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=4187545677285024608258&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=28&type=iframe&id=4187545677285024608258&auxuid=
date
Mon, 04 Sep 2023 02:30:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://s.c.appier.net/tappx
  • https://ssp.api.tappx.com/cs/usync?idmn=728&id=aSNLhRAjA0awXQ-rPEH1ZA
0
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=728&id=aSNLhRAjA0awXQ-rPEH1ZA
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssp.api.tappx.com/cs/usync?idmn=728&id=aSNLhRAjA0awXQ-rPEH1ZA
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
96
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1934&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D253%26type%3Diframe%26id%3D%7BPUB_USER_ID%7D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&auxuid=
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=253&type=iframe&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&auxuid=
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43929&callback_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D724%26type%3Diframe%26id%3D%24%7BUSER_ID%7D%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&auxuid=
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ssp.api.tappx.com/cs/usync?idmn=724&type=iframe&id=e2796388-aa83-53f7-8a8c-6ae8ee792bd3&auxuid=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
usync
ssp.api.tappx.com/cs/ Frame 8321
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub6192414557248&gdpr=&consent=&us_privacy={{US_PRIVACY}}
  • https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU641abfc9db6847f0ab54e557609fb367&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU641abfc9db6847f0ab54e557609fb367&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
access-control-allow-methods
POST, GET
content-type
text/html; charset=utf-8
access-control-allow-origin
*
location
https://ssp.api.tappx.com/cs/usync?consent=&gdpr=&id=OPU641abfc9db6847f0ab54e557609fb367&idmn=1135&us_privacy=%7B%7BUS_PRIVACY%7D%7D
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length
171
expires
Mon, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 8321 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=tappx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=c2daf9e7-47e6-49b9-b795-e5324b079ad1f1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
crum
dsum-sec.casalemedia.com/ Frame B92C
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657024
43 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657024
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:30:24 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657024
events
api.permutive.com/v2.0/batch/ 		101 B
129 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
be92a2ad52afeb0323d6168d96e8437e9609f51c24f7fa4d3d58befee5303228

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
iu3
s.amazon-adsystem.com/ Frame 4F86 		277 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
61d2347d34e408afb8e843ad9b457fc586e17a278cf4d15db752ecae5bf6aae9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
277
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:24 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BRRKHX4VK0WGQVV1G4D3
csync
sync.spotim.market/ Frame EA4B 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:24 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame EA4B 		32 B
95 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
via
1.1 2c00b6f1d42245c6c3867cc4dfa7f32e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
BOS50-C3
age
423
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
8012cf75dfa34bcf-BUF
x-amz-cf-id
UzbCBp9a0d8T4M4WiOFJifbWtLbs0bh-eLIhcPOkwtzMWDa_bBa6_w==
expires
Mon, 04 Sep 2023 03:30:24 GMT
grumi-ip.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame EF3F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/ads/tags/v22.4.0/ads/ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
cajW43s2zOUREzaSfVxr.FHBs4V63Z1V
content-encoding
br
last-modified
Thu, 24 Aug 2023 09:34:49 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"dbb50c1d59c31f0ccd09001e145c285f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
age
2044
x-amz-cf-id
btK7DKe6YFg5I93mbu1Ke2ZhQ86ssTAphwD7Hm7yWmtzqwjRhxO1eA==
hb_270443_31.js
player.spotim.market/prebidlink/470498/ Frame EF3F 		915 B
782 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470498/hb_270443_31.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
4af01de6edddfe590291aef2b58fa92339021eb6abeea780f251804633969948

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:25 GMT
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:11:21 GMT
server
nginx
etag
W/"64f2d209-393"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame EF3F 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c428dd2c3d6d9207eda47bc55dc846991c004be03d109546e4e1f449bfa4022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29089
x-xss-protection
0
server
cafe
etag
525 / 19604 / 31077537 / config-hash: 15830000896466728742
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:24 GMT
wrapper_hb_270443_31.js
player.spotim.market/prebidlink/470498/ Frame EF3F 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/470498/wrapper_hb_270443_31.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
22029b0c2d59fb711dda73be5381c426b3fbbd26405751e5749958ed5b381868

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:25 GMT
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:11:21 GMT
server
nginx
etag
W/"64f2d209-85d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4798 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2138938937412773&correlator=730877363722212&eid=31076165&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=39694909%3A22607427172%2CDBV%2CDBV_Shefinds&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&cdm=www.shefinds.com&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794624977&adxs=320&adys=5950&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=l395voy6bjl1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=www.shefinds.com&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&top=www.shefinds.com&vis=1&psz=336x280&msz=336x0&fws=260&ohw=336&ea=0&ga_vid=1789139906.1693794608&ga_sid=1693794625&ga_hid=1606506977&ga_fc=true&dlt=1693794614648&idt=4892&prev_scp=pitcSpotId%3Dsp_BbylgSbK%26abTestVersion%3DB%26assetGroupId%3Dstable%26isStickyAdUnit%3Dfalse%26pageViewId%3De3a6c02f-3821-4966-b815-070e1fd3f4b8%26slot%3Drow1-column1%26source_version%3Dv22.4.0%26topSpotId%3Dsp_BbylgSbK%26source%3Dpitc%26hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26is_vmhbmp%3Dtrue%26hb_override_id%3D5360298%26hb_buyer_id%3D16161%26hb_div_id%3Ddiv-gpt-ad-1513243389139-0%26hb_r_id%3D15b87daf384d814%26hb_site_id%3D610%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D665db243b161549%26hb_bidder%3Dadyoulike%26excl_cat%3DPREPOST&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fwww.shefinds.com%252Fcollections%252Fwalmart-packaging-change%252F%26hb_strategy%3DA&adks=3118280184&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_fy2021.js?cb=31076165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5820de399e2b9495b17ba2f3092f1767d58ef94bff5fa5f8f3c118b26f0fbcb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11760
x-xss-protection
0
google-lineitem-id
4511920764
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219241038
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixels
pix.spot.im/api/v1/ 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
e20Bpx6Sb955RRMtL6emIeMmatSAYogw-orRzkqBuRFlqTzo2Pl8Vw==
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4798 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_fy2021.js?cb=31076165
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c96120a4fd07187e4c39edd86356b7135191b773821d8b61f1f54d4df9ece5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11902
x-xss-protection
0
container.html
5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8A82 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl_fy2021.js?cb=31076165
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:25 GMT
expires
Tue, 03 Sep 2024 02:30:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
iu3
s.amazon-adsystem.com/ Frame B5C3 		277 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
61d2347d34e408afb8e843ad9b457fc586e17a278cf4d15db752ecae5bf6aae9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
277
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SHT4R4RHPXAZSVZQFAGB
0.6c6348ebc294aacf1fc2.js
ads.blogherads.com/static/chunks/ Frame AF10 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/0.6c6348ebc294aacf1fc2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5H0B20P1N7708Z
age
1802
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
CcyfsDsCRPL9CBtE+Nzvt+B+dzUBwd5ztTfOQc2uCLugO7s7TFGaYh9kObVkY0h9faDWLNgzxwY=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794625.017257,VS0,VE0
etag
W/"adbbea4ed0d19fcf33cae37dd9ad4855"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
139
vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
ads.blogherads.com/static/chunks/ Frame AF10 		76 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/vendors~amp-prebid-integration~boomerang-prebid-integration~postbid-prebid-integration~waterfall-pre~ee04b93a.fbba40a6dc57384702c5.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0D5XDQ73PBC8J5XG
age
1802
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
EM4KAzXYBWbRhwgALL2qF3iEOzT8r7GRwWz2LvxKMisrC9N4KJoHWjb8V9EvyuXrPpjiG8jUx+E=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794625.023823,VS0,VE0
etag
W/"8a4de88af87f2e76e0a9e1e1306ccdf3"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
157
postbid-prebid-integration.adda40bfac824b1494e9.js
ads.blogherads.com/static/chunks/ Frame AF10 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/postbid-prebid-integration.adda40bfac824b1494e9.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HDBEPK9GWG5BSJQ2
age
1800
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
PY+BUGo9sS9Scl4xLEA7uKYfuU2+8IYbPrury8/gU8H8gUiLBI+C6PG3SQWcMBj4WESJ2vUMapQ=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:33 GMT
x-timer
S1693794625.024756,VS0,VE0
etag
W/"2654990d140e86f395d6fd898b941cd7"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
58
hbp_master_307825_11600.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 7923 		315 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19604/hb_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd1ffd0298a29b2df605ae5f258324b2a5a0f8fa59f74efd92b775c72c17b086

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:25 GMT
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:16:06 GMT
server
nginx
etag
W/"64ac0496-4eb0b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbp_master_307825_11596.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 8419 		315 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19604/hb_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd1ffd0298a29b2df605ae5f258324b2a5a0f8fa59f74efd92b775c72c17b086

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:25 GMT
date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:16:06 GMT
server
nginx
etag
W/"64ac0496-4eb0b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
metrics
signal-metrics-collector-beta.s-onetag.com/ 		0
73 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.181.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:26 GMT
content-length
0
vary
Origin
track
track1.aniview.com/ Frame 0545 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.123&apppkg=&fv=1&proto=https&clsid=784c090b-e0d6-48a9-8d0a-1cca998d9521&rando=67
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 1D42 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=lSparBrfb8Y-ave85jTQ_SeEIm_3T_sEOB1hSl-my5M
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
d67ad46d58ddbab9fb03c088eabaaff8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 1D42 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=lSparBrfb8Y-ave85jTQ_SeEIm_3T_sEOB1hSl-my5M&gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 16A8 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
0
Pragma
no-cache
usync
ssp.api.tappx.com/cs/ Frame 7BB2
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D50%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=640113117700930142&auxuid=
0
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=640113117700930142&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
transfer-encoding
chunked

Redirect headers

content-length
0
content-type
text/plain
date
Mon, 04 Sep 2023 02:30:25 GMT
location
https://ssp.api.tappx.com/cs/usync?idmn=50&type=iframe&id=640113117700930142&auxuid=
server
nginx
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6475 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101342
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:25 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 606B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=tappx&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:25 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
server
AkamaiGHost
usync
ssp.api.tappx.com/cs/ Frame AAC7
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D13%26type%3Diframe%26id%3D%24UID%26auxuid%3D
  • https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzWZQZHTprevADoQOeL11M1&auxuid=
0
431 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzWZQZHTprevADoQOeL11M1&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
transfer-encoding
chunked

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:25 GMT
Location
https://ssp.api.tappx.com/cs/usync?idmn=13&type=iframe&id=HQzWZQZHTprevADoQOeL11M1&auxuid=
X-Sovrn-Pod
ad_ap7ewr1
/
de.tynt.com/deb/ Frame 00B6
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
c2d276985e5f2143dddcb2c771c522ccc853210195098e6bec43d1b005b3b056

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2123
content-type
text/html
date
Mon, 04 Sep 2023 02:30:25 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:24 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8340000A
user-sync
sync.adkernel.com/ Frame F1E9 		761 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
e62ccbe17b01440db36138ad3f9a9c193d4a5470eabe7f0e10079030693cab38

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
761
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 02:30:25 GMT
Pragma
no-cache
Server
nginx
db_sync
px.ads.linkedin.com/ 		0
248 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=15697&puuid=HQzWZQZHTprevADoQOeL11M1&rand=84287&pu=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 219FB8B3FBC04E03AF6D3088697CADB1 Ref B: EWR311000101035 Ref C: 2023-09-04T02:30:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEf0r1SnQMCtUkN3z1Hg==
tap.php
pixel.rubiconproject.com/ Frame CF70 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=0_h1izAnadB5uThRmKm2gEtqxmfsPOimO4wpGk7MlMY
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
8bab65602db075726861004da5629947
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame CF70 		0
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=0_h1izAnadB5uThRmKm2gEtqxmfsPOimO4wpGk7MlMY&gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 719E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmM6-gXOeaIB8yHOLOhTAg767Z39Fkp0NLDUaPaTrifON8lel6OsFfPznWTm3ammdLJ01LX54MGXjFOwc_YPW3qFCvwd3SNE_tB7uJ9WajaXfdONVcptgzqRC05h9d6t0PuCUkHJ20xvOigub-xCXe65TG5dLAySgELscT_ZNkjdE3s_vLbjicstq9-vHi6CsdI7rTNc6eekm-tHFLp-tV608VbYUHmNkGjx-KAXcRFmDaPfcXpRYHee-laSpExXBCKbFHOkUuDiPLU4AKk2R3U4gbWwHsO9L_TvUOFqHe_8PIlgAIg_H1AhnZHUTgpQSTJc81gj90EgV4&sai=AMfl-YRNOLurwn4paOVH2Uds_E_8ghocWavQb3eiwlISFgJ0EUrDpgQ20aqe-0q7X-2Q0PM7TcuAis-3hk-sO4bTNVSOWL-aLTjUL2sNUk5KL7iYo7rkHGEJDYAmgUHQxlzMC_VtUGEOrLQBYjoUWtNhd5k&sig=Cg0ArKJSzFWLusIR-JDAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:25 GMT
iu3
s.amazon-adsystem.com/ Frame F4C3 		277 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
61d2347d34e408afb8e843ad9b457fc586e17a278cf4d15db752ecae5bf6aae9
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
277
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BWWS7JW44ZFCF4H2AJXD
setuid
prebid-server.rubiconproject.com/ Frame BDE9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
an-x-request-uuid
79fbcb12-3fdf-4b5a-82b2-e7a5668b5943
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 8D98 		531 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3bea12ce8edd3de9813276b4ff5e763696406d71375740bb89289d345533529c
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
531
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
4HC4ZHB3KQGM75VC1RYX
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4798 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:30:25 GMT
setuid
prebid-server.rubiconproject.com/ Frame CC71
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
an-x-request-uuid
a6f9ae6c-7c98-437d-b7b5-3bee6d301a05
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame B3F9 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:25 GMT
track
track1.aniview.com/ Frame 48B0 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=US&cos=Windows&r=www.shefinds.com&rs=www.shefinds.com&sid=18112&t=1693794620&cip=96.9.249.45&sn=&tgt=0&osv=10&bv=116.0&brn=Chrome&wi=400&he=300&app=&AV_PUBLISHERID=5e0e296628a061270b21ccab&test=&d64=1a40e6f34bd915e709c562e00afb4568&d63=1a40e6f34bd915e709c562e00afb4568&aafaid=&proto=https&uid=1693794619884-964393778739-001213-003-001685&cha=0.05&stagid=&stplid=&d35=&d36=6.2.123&cb=12050031408&d39=&d65=&d66=&d74=&d56=&apppkg=&cd13=false&cd14=%5B%5D&cd15=ads&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc_dd&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&d9=0000&d37=realtime&AV_WIDTH=400&AV_HEIGHT=300
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
cm
u.openx.net/w/1.0/ Frame 37CA 		844 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5608096fc9cedaf1a8f8827c7af2fdd22288946d021d76c627f1e33ea3e9667f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
529
content-type
text/html
date
Mon, 04 Sep 2023 02:30:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ 		832 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/808-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
9ae8e51419ec5f93e3bbe560ae14a16102955743745d988536c0faf6d7c23bc2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
x-post-id
907296
accept-language
en-US,en;q=0.9
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json
Accept
application/json
x-spot-id
sp_BbylgSbK
x-spotim-page-view-id
e3a6c02f-3821-4966-b815-070e1fd3f4b8
Referer
https://www.shefinds.com/
x-access-token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
x-spotim-device-uuid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
via
1.1 f8b0654d6e6bbf12f54a635de5db7ee4.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-spotim-networkid
spotim
x-spotim-token
0123090436UTEZ.60ca072439026aabb92e5a0ceafe7db7a2f691af53358c0d39f79b33cadf4533
x-request-id
012e227f-4acb-11ee-aaa2-be7b524da28e
x-guid
0d352daf-04c4-4bf7-b665-23cc0cfe7134
server
fasthttp
x-spotim-device-v2
d_jNbBujlJFVrFnLIzojhq
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
x-amz-cf-id
qtk2zKV6zq5asi7go3aVAqp51xVIzjxTjDIxeOuO_6CO11ylZbwGMQ==
read
api-2-0.spot.im/v1.0.0/conversation/realtime/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api-2-0.spot.im/v1.0.0/conversation/realtime/read
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-59.jfk50.r.cloudfront.net
Software
fasthttp /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-access-token,x-post-id,x-spot-id,x-spotim-device-uuid,x-spotim-device-v2,x-spotim-page-view-id
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid,x-openweb-module-name,x-openweb-module-version,x-full-url
access-control-allow-methods
GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-expose-headers
x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid,x-reset-token
access-control-max-age
86400
content-length
0
content-security-policy
default-src 'none'; img-src 'self'; script-src-elem connect.facebook.net; style-src-elem 'unsafe-inline'; style-src 'self' 'unsafe-inline'; style-src-attr 'unsafe-inline'; report-uri https://o294277.ingest.sentry.io/api/4505425533272064/security/?sentry_key=f16f012f16c94b179d820f4d5e9c39ff
date
Mon, 04 Sep 2023 02:30:25 GMT
server
fasthttp
strict-transport-security
max-age=31536000
via
1.1 6e202b767e6bdee837ba15ada7e3120e.cloudfront.net (CloudFront)
x-amz-cf-id
mGgsglFfxXn3IiWqorBc7z2C0_W6KIrTRrpAeEBaX0-vJ_iRwSi-Tg==
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
pr
s.amazon-adsystem.com/v3/ Frame 840C 		531 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
d1696ff2b156cf1853f5ed0651f3500ce58edffe63903daf2cc8175e92ac1059
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
531
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
56J91BZCYA6KZYEYSSPB
csync
sync.adtelligent.com/ Frame 19F0 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:25 GMT
Etag
afa0c925be107120
Server
Adtelligent
usync.js
eus.rubiconproject.com/ Frame 606B 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57915
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame F2B5 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13502, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
user-sync
sync.adkernel.com/ Frame F1E9
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
an-x-request-uuid
21d4070d-274a-4088-ad3f-927ed8b416ec
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 0F45 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13501, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame 4798 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 04 Sep 2023 02:45:25 GMT
pr
s.amazon-adsystem.com/v3/ Frame 8316 		531 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
61d524703c0479204aea0065c6acdf38b512ef639081bf39e2695cff12834b1e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
531
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
PM5Y8G808N2YRN27RMVP
setuid
prebid-server.rubiconproject.com/ Frame 6B4A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
an-x-request-uuid
5ea0b938-b9f4-416b-a278-cc5590bdcc4e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EF61 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101342
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:25 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ads
securepubads.g.doubleclick.net/gampad/ Frame B3F9 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1264610274171070&correlator=319981003250882&eid=31077576%2C21065725&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=39694909%3A22607427172%2CDBV%2CDBV_Shefinds&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&cdm=www.shefinds.com&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794625466&adxs=320&adys=6921&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=px9e7fqcamg7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=www.shefinds.com&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&top=www.shefinds.com&vis=1&psz=336x280&msz=336x0&fws=260&ohw=336&ea=0&ga_vid=1789139906.1693794608&ga_sid=1693794625&ga_hid=466463727&ga_fc=true&dlt=1693794614654&idt=5026&prev_scp=pitc_ddSpotId%3Dsp_BbylgSbK%26abTestVersion%3DB%26assetGroupId%3Dstable%26isStickyAdUnit%3Dfalse%26pageViewId%3De3a6c02f-3821-4966-b815-070e1fd3f4b8%26slot%3Drow1-column1%26source_version%3Dv22.4.0%26topSpotId%3Dsp_BbylgSbK%26source%3Dpitc_dd%26hb_rfBid%3D0%26amznbid%3D2%26amznp%3D2%26is_vmhbmp%3Dtrue%26hb_override_id%3D2934506%26hb_buyer_id%3D15366%26hb_div_id%3Ddiv-gpt-ad-1513243389139-0%26hb_r_id%3D32041ac69597f8f%26hb_site_id%3D610%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.05%26hb_adid%3D67016cca5b9b208%26hb_bidder%3Dadyoulike%26excl_cat%3DPREPOST&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fwww.shefinds.com%252Fcollections%252Fwalmart-packaging-change%252F%26hb_strategy%3DA&adks=3118280184&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
538daaf8792da3aa24a00df9530e87b4ddab90da8149879899321da94d949850
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11752
x-xss-protection
0
google-lineitem-id
4511920764
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219241038
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B3F9 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ad7728db4bca07592a10b2c8c21c42cf864aaa8ad5ae4b5a01cb34bd6ac06a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11865
x-xss-protection
0
container.html
2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5039 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:25 GMT
expires
Tue, 03 Sep 2024 02:30:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 8D98
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2069.5%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=2178463692
  • https://sync.1rx.io/usersync3/appnexus/2069.5/2535980227366638075?zcc=0&sspret=1&rndcb=2178463692
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%26ex%3Dr...
  • https://s.amazon-adsystem.com/ecm3?id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ex=rhythmone.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ex=rhythmone.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
APV23T7WNN32SN4YCNKA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://s.amazon-adsystem.com/ecm3?id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ex=rhythmone.com
Content-Type
text/html
Connection
keep-alive
ecm3
s.amazon-adsystem.com/ Frame 8D98
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
E6QV2Y3XEWYR2XQ0DMY7
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3161&u=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.107.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-107-138.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:09:58 GMT
via
1.1 f359087e1d20f17f76b31eb5ffbbd450.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P3
age
1226
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2336
x-amz-cf-id
1wZRycPYTV21kf5ua_NXdwT18saY3QZp6PSeX0JEY_q8HDz1taUlrg==
bid
aax.amazon-adsystem.com/e/dtb/ 		97 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3161&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&pid=CEJ1m21l3mF8s&cb=2&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22id%22%3A%22outstreamVideoFloat%22%2C%22mt%22%3A%22v%22%7D%5D&pj=%7B%22us_privacy%22%3A%221---%22%7D&cfgv=1&schain=1.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C&gdprl=%7B%22status%22%3A%22no-cmp%22%7D&vm=%7B%22ids%22%3A%7B%22id5%22%3A%22ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%22%2C%22pubcommon%22%3A%220c438412-c347-4865-90c0-13acb3f712ee%22%2C%22audigent%22%3A%22060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy%22%7D%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.129.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-129-159.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
cd0ecc577dccedea33076edda87af175ef51b0877785460d6ca10a8d6ebfc7ed
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P7
x-amz-rid
KRT30D1V4WQ4DCFVBW0Z
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
97
x-amz-cf-id
KDL2kmp5LOij9GUSNyZsUx6y5v0Z-2G38i8IrK8-bGwE7zD6xmzwnQ==
sca.17.6.2.js
static.adsafeprotected.com/ Frame C073 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
lkPDUBUoxfvH3HAFYM_zFrOg0m87DhYSst_ua4wcwz52tx00VwC9Gg==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=728x90&pubId=15403870&chanId=227445190&placementId=5064405287&pubCreative=138308429214&pubOrder=2543335655&cb=694442760&adsafe_par&impId=fc2b2809-4aca-11ee-b76b-0e5bb606f9c9&custom2=ban&custom3=1&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:4ce580ce-81c5-8dc6-47d2-896525727747,c:naA77c,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-x6p85,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:436.4010.728.90,am:i,cc:436.4010.728.90,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1092,mot:0,app:0,maw:0,fm:tOQRD2r+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e1131%7C1e1132%7C1e1133%7C1e1134%7C1e1135%7C1e1136%7C1e1137%7C1e1138%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g1%7C1h1%7C1h2%7C1h31%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l4%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p151%7C1q1%7C1q2%7C1q31%7C1q32%7C1q33%7C1q34%7C1q35%7C1q36%7C1q37%7C1q38%7C1q39%7C1q3a%7C1q3b%7C1q3c%7C1q3d%7C1q3e%7C1q3f%7C1q3g%7C1q3h%7C1q3i%7C1q41%7C1q42%7C1q51%7C1q521%7C1q611%7C1q6121%7C1q613%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1w11%7C1x1%7C1x2%7C1x3%7C1x4%7C1x5%7C1x6%7C1x7%7C1x81%7C1x9%7C1xa%7C1xb%7C1xc%7C1xd%7C1xe%7C1xf%7C1xg%7C1xh%7C1xi11%7C1y*.930203%7C1y1%7C1z1%7C110%7C1111%7C1112%7C1113%7C1114%7C11151%7C112,idMap:1y*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1200,oid:ff71ef7f-4aca-11ee-91d4-823ce3b8a007,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
x-server-name
app07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
setuid
prebid-server.rubiconproject.com/ Frame 37CA 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
709996.gif
id.rlcdn.com/ Frame 37CA 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sd
us-u.openx.net/w/1.0/ Frame 37CA
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=2aa8d7ce-b2f5-1013-af72-293d85fa3d29
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=187o3xpzkurax
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=187o3xpzkurax
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=187o3xpzkurax
cache-control
no-cache
cf-ray
8012cf7cee9d4bc7-BUF
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 37CA
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=998b76a1-f817-096b-2ece-f98f440573da&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPVBQjv-Ym6xZtnfccc18Lbx
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPVBQjv-Ym6xZtnfccc18Lbx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:26 GMT
server
Aorta/20230817.d884ef624
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZPVBQjv-Ym6xZtnfccc18Lbx
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
d122a480c3ae
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 37CA
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=WVPIeAPrjAu-Ly55cy5HUQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 37CA
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=9be4ed3c-c4eb-4966-94aa-5a7f63709496
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=9be4ed3c-c4eb-4966-94aa-5a7f63709496
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=9be4ed3c-c4eb-4966-94aa-5a7f63709496
Date
Mon, 04 Sep 2023 02:30:26 GMT
Connection
keep-alive
X-CI-RTID
023c1a15-1b11-4e81-9911-f40428a88376
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 37CA
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sca.17.6.2.js
static.adsafeprotected.com/ Frame C88B 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:bc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 5301cc544de32ec737d1069c11f7df30.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
13377551
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
_NDe6-2asPGcspnaNYMOnsWuq2NCwt-g-F09roaclXtq4JiF0zGeUQ==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=930203&campId=300x600&pubId=15403870&chanId=227445190&placementId=239329990&pubCreative=138297011555&pubOrder=483446470&cb=2031378576&adsafe_par&impId=fc2b280a-4aca-11ee-b76b-0e5bb606f9c9&custom2=flxrec&custom3=3&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&adsafe_type=abcedq&adsafe_url=https%3A%2F%2Fwww.shefinds.com%2F&adsafe_type=f&adsafe_jsinfo=,id:15d63cd5-bf47-4dd1-c2c3-43e8db94d088,c:naA78k,sl:outOfView,em:true,fr:true,thd:1,mn:jsserver-primary-67bdfc9f5d-vngtk,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:962.7456.300.250,am:i,cc:962.7456.300.250,piv:0,obst:0,th:0,reas:l,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:1211,mot:0,app:0,maw:0,fm:tOQRD2M+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e1131%7C1e1132%7C1e1133%7C1e1134%7C1e1135%7C1e1136%7C1e1137%7C1e1138%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g1%7C1h1%7C1h2%7C1h31%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l4%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p151%7C1q1%7C1q2%7C1q31%7C1q32%7C1q33%7C1q34%7C1q35%7C1q36%7C1q37%7C1q38%7C1q39%7C1q3a%7C1q3b%7C1q3c%7C1q3d%7C1q3e%7C1q3f%7C1q3g%7C1q3h%7C1q3i%7C1q41%7C1q42%7C1q51%7C1q521%7C1q611%7C1q6121%7C1q613%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1w11%7C1x1%7C1x2%7C1x3%7C1x4%7C1x5%7C1x6%7C1x7%7C1x81%7C1x9%7C1xa%7C1xb%7C1xc%7C1xd%7C1xe%7C1xf%7C1xg%7C1xh%7C1xi11%7C1y1%7C1y2%7C1z*.930203%7C1z1%7C110%7C1111%7C1112%7C1113%7C1114%7C11151%7C112,idMap:1z*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:1249,oid:ff94e0db-4aca-11ee-9912-9a67cf6903be,v:19.8.439,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.32.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-32-208.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
x-server-name
app11.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
onetag-sys.com/usync/ Frame AC9D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
fb0b6f5143bd426f8c61678346a7b98537d7697e45dcaf4e8603010690621a10
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
865
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
152media
sync.quantumdex.io/usersync/ Frame 3BFC 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/152media
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d45ca6e30d73b7b8a54c6ef25f3a8937ed4194a426a8029684c8c111dfebd39c

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf7b89434bc1-BUF
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:25 GMT
server
cloudflare
cm
us-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794625181.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
1 KB
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
cc6b7dc19843946b37a7b4b17fb6686dc16860f95e47ce630cc699116cebb083

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
608
content-type
text/html
date
Mon, 04 Sep 2023 02:30:25 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:24 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP006
x-33x-status
40000000008200000A
usync
ssp.api.tappx.com/cs/ Frame 00B6
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693794625181.&ri=0010b00001siQHqAAM&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D...
  • https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212166994878779&auxuid=
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212166994878779&auxuid=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
referrer-policy
unsafe-url
server
33XP018
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://ssp.api.tappx.com/cs/usync?idmn=58&type=iframe&id=212166994878779&auxuid=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 00B6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1696386625%26external_user_id%3D3175ac58-0d9d-47aa-b429-d8f42e050f30
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696386625&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30
68 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696386625&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1696386625&external_user_id=3175ac58-0d9d-47aa-b429-d8f42e050f30
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 00B6
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794625181.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
0
Expires
0
match
events-ssc.33across.com/ Frame 00B6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
referrer-policy
unsafe-url
server
33XP005
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 00B6
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=HLiTh2iyUpl_l7NZChyoE2AJ-S0
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:25 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0&ts=1693794626&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 00B6
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1693794625181.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=2535980227366638075
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=2535980227366638075
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00001siQHqAAM&ru=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D58%26type%3Diframe%26id%3D33XUSERID33X%26auxuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
23eae34d-673e-4e3a-b14e-e80086d07cb3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user.svg
static-cdn.spot.im/production/icons/fa/solid/ 		336 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-cdn.spot.im/production/icons/fa/solid/user.svg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
882441b5453d61d492bd76c8101b6f83884902ee7a86741d33f94ef682e35f76

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
wxanQLIGSlIqZYG2N0o0l3JaJE0Q4N_r
date
Sun, 03 Sep 2023 11:09:26 GMT
via
1.1 a41c564554b07cc8611f5945b432513a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P1
age
55260
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
336
last-modified
Wed, 22 Jan 2020 14:59:38 GMT
server
AmazonS3
etag
"e086c24763139e41b0d4fa7ef5330336"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
x-amz-cf-id
bFThRrmWjMfLvWPQcEcedfQoyO1nDZXDqWSyLaPUB2gD8LRk0N5_Bg==
openweb-symbol-v2.svg
static-cdn.spot.im/production/icons/custom/ 		6 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-symbol-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.83.12/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
a4LwvXxBiI2uL8zrMqiGV0xmsVieM496
content-encoding
br
via
1.1 a41c564554b07cc8611f5945b432513a.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 06:04:44 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
73542
etag
W/"09ba69b6c3a7136d63fe98562c0114af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
rPjwyfl4uFMEw8z66p9YlosK_NQuozCLdsr738Gis7KnmRoEbVvyug==
openweb-text-v2.svg
static-cdn.spot.im/production/icons/custom/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://static-cdn.spot.im/production/icons/custom/openweb-text-v2.svg
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/conversation/tags/v3.83.12/vendors-node_modules_reduxjs_toolkit_dist_redux-toolkit_esm_js-node_modules_spotim_message_di-d5f4c0-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.219.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-123.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-amz-version-id
tIeb0BF074BwTuW6cmg0uAMaxL6ImEvW
content-encoding
br
via
1.1 a41c564554b07cc8611f5945b432513a.cloudfront.net (CloudFront)
date
Sun, 03 Sep 2023 09:03:35 GMT
last-modified
Wed, 19 Jan 2022 13:40:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK52-P1
age
62837
etag
W/"9fc6e633e804dd0fd3d6d352bac7c139"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
access-control-allow-origin
*
x-amz-replication-status
COMPLETED
x-amz-cf-id
jTvGNbkPlxi5MnMaZHVYiLzeDY45xeYpe1wzKSC1dXAd4mus5FSksQ==
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame 840C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=7846366807
  • https://sync.1rx.io/usersync/stackadapt/0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 840C
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Z2QT2FZQPB3A50150R9C
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pr
s.amazon-adsystem.com/v3/ Frame D3F6 		531 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
28bd1da86f79cbcc050bfecf618ef048f0c48c45745dd7921b08cc8bd83423c1
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=rx_n-Azerion
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
531
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 04 Sep 2023 02:30:25 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
MN0QYA8XCN10C7Y1P9E8
grumi.js
rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/ Frame EF3F 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88b7b4898a719ce5a6e3bd5e2c537e08ffa5b070a72a94021a378751d39bf243

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
pPhlFxBywMrwAjbXYnAHHI6HDsoP1Y.l
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:45 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"46bb301dfae354c6508aaecadb879761"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2044
x-amz-cf-id
U7Wl0DWkFgpc8rWB1Rn7LTHvONKD6M-6S0Yb14vW9pd5BjCkexCO0A==
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 9849 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13501, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 9404 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13501, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame 8316
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=6191154777
  • https://sync.1rx.io/usersync/stackadapt/0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 8316
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
779YAB5JBBM22K58PA7V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:25 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame B3F9 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 04 Sep 2023 02:45:25 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 11:35:10 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
53716
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
blon7WyLIJrT1uSCVijM_Nr1F1ch4JqyGp2juH6uWZTARlNXUmS_xQ==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ref=&_it=amazon&partner_id=458
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR3MH29WZT1YS7G
age
1798
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8012cf7c0d094bcc-BUF
x-amz-id-2
pr+Q8VZpaGu8DMcuENZeqcR0lrPEBfaCAARteKZNkCZ9cp1Mx8GlJmbnFEfNaQF40cm7aA9jb9o=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		118 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 21 Aug 2023 10:48:56 GMT
server
cloudflare
x-amz-request-id
NZGZF22DA6X55N2Z
age
2081
etag
W/"7799d2904b6b2427a4713f4da8b71602"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
8012cf7c09a94bcd-BUF
x-amz-id-2
9ODLf4FiT/PvJBsNSuNeBWOIUC7gfUfoqt13l19MRSVAGmrRdWiwS7SqLIJ07AWWdi+jk5XW3ea5Hw3dJfzUpA==
puid=HQzWZQZHTprevADoQOeL11M1
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MzkzL3QvMg/kv/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MzkzL3QvMg/kv/puid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
usync
ssp.api.tappx.com/cs/ Frame D78B 		0
443 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=76&type=iframe&id=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&auxuid=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158111&userIdMacro=(PM_UID)&gdpr=&gdpr_consent=&predirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D76%26type%3Diframe%26id%3D%28PM_UID%29%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:25 GMT
server
nginx
transfer-encoding
chunked
ixmatch.html
js-sec.indexww.com/um/ Frame 5856 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
669
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf7cbc4036ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:26 GMT
expires
Mon, 04 Sep 2023 06:30:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7531 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:26 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794632840097-256
match
events-ssc.33across.com/ Frame 565D 		68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=f06e4e2a-74e6-05ca-346c-6d1eaa63efb4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
us-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=F06qlvKX1QCZm45
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=F06qlvKX1QCZm45
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:25 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0da94c7f55bec3b76@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=F06qlvKX1QCZm45
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=640113117700930142
43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=640113117700930142
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=640113117700930142
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RTpskUc_OZReaj_FS2wnkUFqPp1eOjLFRTyBei4X
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RTpskUc_OZReaj_FS2wnkUFqPp1eOjLFRTyBei4X
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=RTpskUc_OZReaj_FS2wnkUFqPp1eOjLFRTyBei4X
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=a7d3cd70-86de-48b7-a433-d7ee488fb1bf&ssp=openx
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050723370043128
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050723370043128
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=1813050723370043128
Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 565D
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=C14E48D5177140E2A6F7C142966EB206
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C14E48D5177140E2A6F7C142966EB206
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=C14E48D5177140E2A6F7C142966EB206
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:30:26 GMT
sync
pippio.com/api/ Frame 565D
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=86b39ec0-9db7-0f54-1add-9ec82aa1bc04
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=2cb0d09f-970d-456e-be4b-50f8818385a0
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=209a5ed8-14b6-4395-918c-4da16d7955ba%3A1693794626.9884548&forward=https%3A//i.liadm.com/s/56409%3Fbidder_id%3D200442%26bidder_uuid%3D209a5ed8-14b6-4395...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1813050723370043128&referrer={encSite}&forward=https%3A%2F%2Fi.liadm.com%2Fs%2F56409%3Fbidder_id%3D200442%26bidder_uuid%3D209a5e...
  • https://i.liadm.com/s/56409?bidder_id=200442&bidder_uuid=209a5ed8-14b6-4395-918c-4da16d7955ba%3A1693794626.9884548&pid=500040&it=1&iv=209a5ed8-14b6-4395-918c-4da16d7955ba%3A1693794626.9884548&_=169...
  • https://pippio.com/api/sync?it=1&pid=500040&_=1693794626.994519&iv=209a5ed8-14b6-4395-918c-4da16d7955ba:1693794626.9884548
42 B
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?it=1&pid=500040&_=1693794626.994519&iv=209a5ed8-14b6-4395-918c-4da16d7955ba:1693794626.9884548
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Location
https://pippio.com/api/sync?it=1&pid=500040&_=1693794626.994519&iv=209a5ed8-14b6-4395-918c-4da16d7955ba:1693794626.9884548
Date
Mon, 04 Sep 2023 02:30:28 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
1
g.pixel
aa.agkn.com/adscores/ Frame 565D 		43 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=9a87a23a-e5a1-0eb4-3219-ee4420f1efcd
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-84.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 7a1287aac11cb484d13c7a9cbd2585b0.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
jiCp0uvuIWzbc9ty_QJhO00WMJmWEdEP6hgfRqhrKw92h7dVVc8Xlw==
expires
0
/
bpi.rtactivate.com/tag/ Frame 565D 		43 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=182a69bb-75e5-0759-3ef0-4dc752cf183a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.206.63 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-206-63.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame 565D 		62 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=a1111ae2-9f1a-08a4-22ac-fdea3b671d58
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
41e
expires
Thu, 01 Dec 1994 16:00:00 GMT
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 7923 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Sep 2023 02:30:26 GMT
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 12:02:28 GMT
server
nginx
etag
W/"64f32454-857"
content-type
application/json
access-control-allow-origin
https://p.nodserving.com
cache-control
max-age=172800
x-proxy-cache
HIT
view
securepubads.g.doubleclick.net/pcs/ Frame 6A0D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyfKISjoED4IH8UURYBhZGhscD6q4prWiG0pSjNLS8nHzo15AkYPS7Wv4RAqn-TaNFmTrM3GFmdoBEipOPN2-Hx2hD9d7Gye0bmtfVz_GBs5OPt2YcmesUexrGQ-lyVEEMEQ-upIEuRXJwzg_z43q6GlEB-lnltxnDbvTMRnUGS1CmBT6h2NYBD6tq86Khb78pbzPOSMp_UUfGnZ4FY-z6L9VqNngfgUyKoYI_oEmgrgy9YuvwjKSFYjwIWj4EWwspDcTZqWCSHSIPb_gecBJDeY2cR6tJ4Rz5NMQExZowOJAsecgxjtA7pPiCnFIU7QdybbxaAyXB-Kk&sai=AMfl-YRjGyu7piKwi_hlW4tN_VCpahi5I6yW_CKx6dGdQ2PV9OWaAkv9SVYKXUhYMdzxkn77fRU9kC6X87Y4cHNy305YcX54E9UDt9fGsxOxgtRgBSdwI7ImwBcg8jZTCNQ&sig=Cg0ArKJSzPQCSyXqNLdiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 6A0D 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
gX70kDBwIFvRK6eYdKlVyfGL2wxylpWg
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:23 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"b46160acc37e84b67938a57a16580cfc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2045
x-amz-cf-id
GrOZHos444bMrV0nggGiUHFsqHZyWXcldTO3D4R0GE3yxpFirGw1ag==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6A0D 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:26 GMT
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 8419 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Sep 2023 02:30:26 GMT
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 12:02:28 GMT
server
nginx
etag
W/"64f32454-857"
content-type
application/json
access-control-allow-origin
https://p.medocdn.com
cache-control
max-age=172800
x-proxy-cache
HIT
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame D3F6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=amazon&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Drhythmone.com%26id%3D%5BRX_UUID%5D
  • https://sync.srv.stackadapt.com/sync?nid=95&rndcb=7458589337
  • https://sync.1rx.io/usersync/stackadapt/0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
ecm3
s.amazon-adsystem.com/ Frame D3F6
Redirect Chain
  • https://ad.360yield.com/server_match?callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dazerion.com%26id%3D%7BPUB_USER_ID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=rx_n-Azerion&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
K7ZZXSNRVNA8C39Z1XP2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=azerion.com&id=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:26 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
envelope
lexicon.33across.com/v1/ Frame 4798 		42 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003HljHyAAJ&src=aps&ver=1.0.1&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
hbp_master_270443_31.js
player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame EF3F 		477 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
072f3d4c99e8fd5b6f8e19f5ab15d184d8bf01fa673ffdca3371e6019f5767f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:26 GMT
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
last-modified
Tue, 08 Aug 2023 08:34:18 GMT
server
nginx
etag
W/"64d1fe0a-775c9"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
hbw_release_270443_31.js
player.spotim.market/prebidlink/aYHHO/ Frame EF3F 		645 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6f7de9d60ffad3e97e8b9dc0ebe9dd8cad72ee753f1a689f6ee092885a881f1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:26 GMT
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 06:11:21 GMT
server
nginx
etag
W/"64f2d209-a14d1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/ Frame EF3F 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 22:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
13981
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129682
x-xss-protection
0
server
cafe
etag
12917394590533080382
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 02 Sep 2024 22:37:25 GMT
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf80e9594bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf81495f4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf8249644bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
2fa53d28-e51c-495a-aee2-4aebb76e0e37
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf8249654bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
date
Mon, 04 Sep 2023 02:30:26 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf83596a4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
sNysXiu8yi2rHktkMy7CSm1LpbZJ37FdplSMAPEB21olUXO9xiEabg==
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf83796c4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
date
Mon, 04 Sep 2023 02:30:26 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 3BFC
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf8239634bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
csync
sync.adtelligent.com/ Frame 3BFC 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307682&extuid=da0a1784-d8ab-4c85-ab15-f94d2b215e2b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:26 GMT
Server
Adtelligent
Etag
8c142d02c463c298
Content-Length
43
Content-Type
image/gif
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0317 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:26 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:28 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E9C3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
669
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf7eaec636ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:26 GMT
expires
Mon, 04 Sep 2023 06:30:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
player.js
player.aniview.com/script/6.1/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b4615b270f1614490ade3e656c3a497aaeb725fc218150238d59df0258a0f3c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtHbNP9uUMQ0uup1oIi8fVmkPOP4lBf4IwZe9xSqLQ4Znf9Cn1n4ErEfvZiQunGhG8VfUtgxTYfl_fMc3LD35eYu0OuCu1l
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13568
last-modified
Sun, 03 Sep 2023 06:24:16 GMT
server
UploadServer
etag
"e0555a7a34c6a8a2a705ce461a0fe10c"
vary
Accept-Encoding
x-goog-generation
1693722256379154
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=omodjw==, md5=4FVaejTGqKKnBc5GGg/hDA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13568
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:26 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=60acbabfd11d982b09533bb5&e=playerLoaded&cb=1693794626339&r=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=4ce580ce-81c5-8dc6-47d2-896525727747&tv=%7Bc:naA7ih,pingTime:-2,time:1886,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:2320,beZ:2323,mfA:3412,cmA:3413,inA:3413,inZ:3416,prA:3416,prZ:3514,si:3520,poA:3520,poZ:3535,cmZ:3535,mfZ:3535,loA:3782,loZ:3787,ltA:4205,ltZ:4205,mdA:2324,mdZ:2491%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:728,h:90,t:1199%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1886,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1199,wc:0.0.1600.1200,ac:436.4010.728.90,am:i,cc:436.4010.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B792~0%5D,as:%5B792~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRD2r+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e1131%7C1e1132%7C1e1133%7C1e1134%7C1e1135%7C1e1136%7C1e1137%7C1e1138%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g1%7C1h1%7C1h2%7C1h31%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l4%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p151%7C1q1%7C1q2%7C1q31%7C1q32%7C1q33%7C1q34%7C1q35%7C1q36%7C1q37%7C1q38%7C1q39%7C1q3a%7C1q3b%7C1q3c%7C1q3d%7C1q3e%7C1q3f%7C1q3g%7C1q3h%7C1q3i%7C1q41%7C1q42%7C1q51%7C1q521%7C1q611%7C1q6121%7C1q613%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1w11%7C1x1%7C1x2%7C1x3%7C1x4%7C1x5%7C1x6%7C1x7%7C1x81%7C1x9%7C1xa%7C1xb%7C1xc%7C1xd%7C1xe%7C1xf%7C1xg%7C1xh%7C1xi11%7C1y*.930203%7C1y1%7C1z.930203%7C1z1%7C110%7C1111%7C1112%7C1113%7C1114%7C11151%7C112,idMap:1y*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1200,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_5,google_ads_iframe_/83521017293/a.shefinds/articles_5__container__,skm-boomerang-el-0-1,container%5D,sinceFw:685,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
auction
prebid-server.rubiconproject.com/openrtb2/ 		218 B
495 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c992bb054edcca497ce40a74bf5baf14918d2fa2e00b0d043fce982fc771e40e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
194
Expires
0
bid
krk.kargo.com/api/v2/ 		2 B
661 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://krk.kargo.com/api/v2/bid?json=%7B%22sessionId%22%3A%22345ecc47-20e8-461b-9c5f-0b1a2c3b56b1%22%2C%22requestCount%22%3A2%2C%22timeout%22%3A1500%2C%22currency%22%3A%22USD%22%2C%22cpmGranularity%22%3A1%2C%22timestamp%22%3A1693794626371%2C%22cpmRange%22%3A%7B%22floor%22%3A0%2C%22ceil%22%3A20%7D%2C%22bidIDs%22%3A%7B%22179023a8a65ad6e2%22%3A%22_kskn7ErFY3%22%7D%2C%22bidSizes%22%3A%7B%22179023a8a65ad6e2%22%3A%5B%5B1600%2C900%5D%5D%7D%2C%22device%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22sua%22%3A%7B%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%7D%7D%2C%22prebidRawBidRequests%22%3A%5B%7B%22bidder%22%3A%22kargo%22%2C%22params%22%3A%7B%22placementId%22%3A%22_kskn7ErFY3%22%7D%2C%22auctionId%22%3A%22f9cd710d-7609-4d59-bc13-7091e4f24ada%22%2C%22floorData%22%3A%7B%22skipped%22%3Afalse%2C%22skipRate%22%3A0%2C%22location%22%3A%22setConfig%22%7D%2C%22userId%22%3A%7B%22tdid%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22userIdAsEids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D%2C%22ortb2Imp%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22player_type%22%3A%22floatDesktop%22%2C%22autoplay%22%3A%22true%22%2C%22closable_player%22%3A%22y%22%2C%22inview%22%3A%22true%22%2C%22player_height%22%3A900%2C%22player_width%22%3A1600%2C%22st%22%3A%22video%22%2C%22loc%22%3A%22outstr%22%2C%22inst%22%3A%22-%22%2C%22us_privacy%22%3A%221---%22%2C%22consent_required%22%3A%220%22%2C%22vertical%22%3A%5B%22undefined%22%5D%2C%22vertical1%22%3A%5B%22undefined%22%5D%2C%22pbadslot%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Fundefined%2Fvideo-outstream%2Fprebid-video%22%7D%2C%22gpid%22%3A%22%2F8352%2C1017293%2Fa.shefinds%2Fundefined%2Fvideo-outstream%2Fprebid-video%22%2C%22tid%22%3A%229a5d1701-cc5e-4975-8a3b-aeb0755bd1a7%22%7D%7D%2C%22renderer%22%3A%7B%22url%22%3A%22_%22%7D%2C%22mediaTypes%22%3A%7B%22video%22%3A%7B%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22maxduration%22%3A120%2C%22mimes%22%3A%5B%22video%2Fmp4%22%5D%2C%22minduration%22%3A5%2C%22placement%22%3A5%2C%22plcmt%22%3A4%2C%22playbackmethod%22%3A%5B2%2C3%2C6%5D%2C%22context%22%3A%22outstream%22%2C%22playerSize%22%3A%5B%5B1600%2C900%5D%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%2C7%2C8%5D%2C%22skip%22%3A1%2C%22skipafter%22%3A5%7D%7D%2C%22adUnitCode%22%3A%22prebid-video%22%2C%22transactionId%22%3A%229a5d1701-cc5e-4975-8a3b-aeb0755bd1a7%22%2C%22sizes%22%3A%5B%5B1600%2C900%5D%5D%2C%22bidId%22%3A%22179023a8a65ad6e2%22%2C%22bidderRequestId%22%3A%221789dc75de287d87%22%2C%22src%22%3A%22client%22%2C%22metrics%22%3A%7B%22userId.init.gdpr%22%3A%5B0%2C0%2C0%2C0%5D%2C%22userId.mod.init%22%3A%5B0.09999847412109375%2C0.40000152587890625%2C0%2C0.20000076293945312%2C0%2C0.20000076293945312%2C0%2C0.5%5D%2C%22userId.mods.unifiedId.init%22%3A%5B0.09999847412109375%2C0%2C0%2C0%5D%2C%22userId.mods.identityLink.init%22%3A%5B0.40000152587890625%2C0.20000076293945312%2C0.20000076293945312%2C0.5%5D%2C%22userId.init.modules%22%3A%5B3%2C1.2000007629394531%2C1.2000007629394531%2C1.5%5D%2C%22userId.total%22%3A%5B3801.7999992370605%2C168.39999771118164%2C8259.099998474121%5D%2C%22userId.mod.callback%22%3A%5B169.5%5D%2C%22userId.mods.identityLink.callback%22%3A%5B169.5%5D%2C%22userId.callbacks.total%22%3A%5B169.60000228881836%5D%2C%22userId.callbacks.pending%22%3A%5B5441%5D%2C%22requestBids.usp%22%3A0%2C%22requestBids.priceFloors%22%3A0.2999992370605469%2C%22requestBids.userId%22%3A0.1999969482421875%2C%22requestBids.rtd%22%3A425.4000015258789%2C%22requestBids.validate%22%3A0.3999977111816406%2C%22requestBids.makeRequests%22%3A4.099998474121094%2C%22adapter.client.validate%22%3A0%2C%22adapters.client.kargo.validate%22%3A0%7D%2C%22bidRequestsCount%22%3A1%2C%22bidderRequestsCount%22%3A1%2C%22bidderWinsCount%22%3A0%2C%22ortb2%22%3A%7B%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22domain%22%3A%22shefinds.com%22%2C%22keywords%22%3A%22climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews%22%2C%22publisher%22%3A%7B%22domain%22%3A%22shefinds.com%22%7D%2C%22ext%22%3A%7B%22data%22%3A%7B%22pvuuid%22%3A%5B%2265e90d9a-880c-4922-8429-737d1e8accef%22%5D%2C%22addir%22%3A%5B%22bh%2F41%2F412%2F412983%2F2498530%22%5D%2C%22site%22%3A%5B%22shefinds%22%5D%2C%22domain%22%3A%5B%22shefinds.com%22%5D%2C%22urlhash%22%3A%5B%222907093993%22%5D%2C%22section%22%3A%5B%22collections%22%5D%2C%22directory%22%3A%5B%22walmart-packaging-change%22%5D%2C%22plat%22%3A%5B%22desk%22%5D%2C%22pt%22%3A%5B%22-%22%5D%2C%22schainv10%22%3A%5B%221.0%2C1!pmc.com%2C1179161%2C1%2C%2C%2C%22%5D%2C%22browser%22%3A%5B%22Chrome%22%5D%2C%22pageview%22%3A%5B%221%22%5D%2C%22admants%22%3A%5B%22S_10087%22%2C%22S_10271%22%2C%22S_10955%22%2C%22S_11587%22%2C%22S_12403%22%2C%22S_12404%22%2C%22S_12747%22%2C%22S_4284%22%2C%22S_4288%22%2C%22S_4289%22%2C%22S_4304%22%2C%22S_4317%22%2C%22S_4359%22%2C%22S_5276%22%2C%22S_6202%22%2C%22S_6310%22%2C%22S_6650%22%2C%22S_6654%22%2C%22S_6655%22%2C%22S_6766%22%2C%22S_6768%22%2C%22S_6911%22%2C%22S_7077%22%2C%22S_8531%22%2C%22S_9094%22%5D%2C%22adt%22%3A%5B%22veryLow%22%5D%2C%22alc%22%3A%5B%22veryLow%22%5D%2C%22dlm%22%3A%5B%22veryLow%22%5D%2C%22drg%22%3A%5B%22veryLow%22%5D%2C%22hat%22%3A%5B%22veryLow%22%5D%2C%22off%22%3A%5B%22veryLow%22%5D%2C%22vio%22%3A%5B%22veryLow%22%5D%2C%22ias-kw%22%3A%5B%22IAS_1506123_PG%22%2C%22IAS_3007008_PG%22%2C%22IAS_1500690_PG%22%2C%22IAS_1500154_PG%22%2C%22IAS_1500161_PG%22%2C%22IAS_8285_KW%22%2C%22IAS_13037_KW%22%2C%22IAS_5678_KW%22%2C%22IAS_1500092_PG%22%2C%22IAS_1500085_PG%22%5D%2C%22fr%22%3A%5B%22true%22%5D%2C%22videocodecgroup%22%3A%5B%22mp4%22%5D%7D%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22data%22%3A%7B%22permutive%22%3A%5B%2221967%22%2C%2232745%22%2C%2243641%22%2C%2273308%22%2C%2281752%22%2C%2287946%22%2C%2295987%22%2C%2295993%22%2C%2296402%22%2C%2297250%22%2C%22101262%22%2C%22102567%22%2C%22105086%22%2C%22116913%22%2C%22116916%22%2C%22124918%22%2C%22128800%22%2C%22128890%22%2C%22146917%22%2C%22157392%22%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pmc.com%22%2C%22sid%22%3A%221179161%22%2C%22hp%22%3A1%7D%5D%7D%7D%5D%2C%22prebidVersion%22%3A%227.40.0%22%2C%22userIDs%22%3A%7B%22crbIDs%22%3A%7B%7D%2C%22usp%22%3A%221---%22%2C%22tdID%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%7D%2C%22pageURL%22%3A%22https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F%22%2C%22rawCRB%22%3Anull%2C%22rawCRBLocalStorage%22%3Anull%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.147.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-147-220.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Content-Encoding
gzip
X-Accel-Expires
0
Nbr
505
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Expires
Thu, 01 Jan 1970 00:00:00 UTC
c
prebid.a-mo.net/a/ 		309 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
36aacc92c6c3107a492060a7df513f91a246e0ddde96275ed9703cdeaeedc78e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
22
content-length
278
shemedia
direct.adsrvr.org/bid/bidder/ 		0
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://direct.adsrvr.org/bid/bidder/shemedia
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.161.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:25 GMT
x-openrtb-version
2.3
server
Kestrel
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=505861
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03917174ce739528bdd43ec35d8c289a999e2dbd98a72fc55a540bea224ea097

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViSR%2FFaCKqjoMR6dKSFW63O0aVcRsfdwAWe0bh632h7uIKiF3F%2BUscI9rd9E%2B%2FvAi3lmsAeDjU3SU%2Bf4BqIzG6dyEzrUlbI36WDrndeX83VRpMQLIv7IBxcjvxtuorl4hl3zMAAV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf7efef2542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
8a9e7c3f7718290bf26b649ba64395e64c02fc31df22dbe4e87be1969c51e433

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
84f6348c-24d3-4479-8a61-2cd269206e6a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&kq=1&lo=0&qs=1&ak=-&i=NATIVOINVCONTENT1&ud=false&qm=600&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!w%5ETm_hBE%22%3B8%2BYe6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23V%7Du%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=2&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=16996&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&cm=33&f=0&j=&o=3&t=1693794610384&de=463464521125&cu=1693794610384&m=16012&ar=6194820-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=15149&cd=5328&ah=15149&am=5328&re=0&wb=1&cl=0&at=0&d=14294%3A-%3A-%3A-&gw=nativonielsen548znrb18&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98815&na=2146911718&cs=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 04 Sep 2023 02:30:26 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=15d63cd5-bf47-4dd1-c2c3-43e8db94d088&tv=%7Bc:naA7jb,pingTime:-2,time:1921,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1844,beZ:1845,mfA:3055,cmA:3055,inA:3055,inZ:3057,prA:3057,prZ:3088,si:3093,poA:3093,poZ:3107,cmZ:3107,mfZ:3107,loA:3375,loZ:3378,ltA:3764,ltZ:3764,mdA:1845,mdZ:2027%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:body%7D%7D,env:%7Bgca:false,cca:true,ccd:%7Bversion:1,uspString:1---%7D,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:l,w:300,h:250,t:1248%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1921,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1248,wc:0.0.1600.1200,ac:962.7707.300.250,am:i,cc:962.7707.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B709~0%5D,as:%5B709~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:tOQRD2r+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e1131%7C1e1132%7C1e1133%7C1e1134%7C1e1135%7C1e1136%7C1e1137%7C1e1138%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g1%7C1h1%7C1h2%7C1h31%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l4%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p151%7C1q1%7C1q2%7C1q31%7C1q32%7C1q33%7C1q34%7C1q35%7C1q36%7C1q37%7C1q38%7C1q39%7C1q3a%7C1q3b%7C1q3c%7C1q3d%7C1q3e%7C1q3f%7C1q3g%7C1q3h%7C1q3i%7C1q41%7C1q42%7C1q51%7C1q521%7C1q611%7C1q6121%7C1q613%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1w11%7C1x1%7C1x2%7C1x3%7C1x4%7C1x5%7C1x6%7C1x7%7C1x81%7C1x9%7C1xa%7C1xb%7C1xc%7C1xd%7C1xe%7C1xf%7C1xg%7C1xh%7C1xi11%7C1y.930203%7C1y1%7C1y2%7C1z*.930203%7C1z1%7C110%7C1111%7C1112%7C1113%7C1114%7C11151%7C112,idMap:1z*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1249,slid:%5Bgoogle_ads_iframe_/83521017293/a.shefinds/articles_6,google_ads_iframe_/83521017293/a.shefinds/articles_6__container__,skm-ad-flexrec-2,container%5D,sinceFw:671,readyFired:true%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
server
nginx
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
optoutstatus.html
ads.shemedia.com/static/ Frame 777C 		748 B
774 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.shemedia.com/static/optoutstatus.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
age
1803
cache-control
max-age=14400, stale-while-revalidate=3600
content-encoding
br
content-type
text/html
date
Mon, 04 Sep 2023 02:30:26 GMT
etag
W/"d3adb9510fa96393f723a02c4cb16432"
last-modified
Fri, 01 Sep 2023 00:04:31 GMT
vary
accept-encoding
via
1.1 varnish
x-amz-id-2
1Pr4q3ueMkEmSOTGg1Ct8XuyobJQoUR6CAzCQJ4pK/MkTZz5JPF4CiOVJa8V99dPp7hDLgeozes=
x-amz-request-id
9ZN602YBZ4B46ZN1
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
159
x-served-by
cache-yyz4528-YYZ
x-timer
S1693794626.457977,VS0,VE0
tap.php
pixel.rubiconproject.com/ Frame AC9D 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=7cVRFx7lUfvXyfTlQSxz6HEgtUtA2vyZs_PjhJLF58M
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user-sync
sync.adkernel.com/ Frame AC9D 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=175005&r=7cVRFx7lUfvXyfTlQSxz6HEgtUtA2vyZs_PjhJLF58M
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
pbs.gif
sync.colossusssp.com/ Frame BDE9 		0
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B3F9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:30:26 GMT
envelope
lexicon.33across.com/v1/ Frame B3F9 		42 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0015a00003HljHyAAJ&src=aps&ver=1.0.1&us_privacy=1---
Requested by
Host: cdn-ima.33across.com
URL: https://cdn-ima.33across.com/ima.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
/
de.tynt.com/deb/ Frame BFD7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%...
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
75802e178f06d7d72c46c70e31fe99fe8e79785843f0523a9fd2716fbd31a1d6

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1845
content-type
text/html
date
Mon, 04 Sep 2023 02:30:26 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Mon, 04 Sep 2023 02:30:26 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP018
x-33x-status
8340000A
usync
ssp.api.tappx.com/cs/ Frame 606B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=tappx&khaos=LM49KSCX-B-B1NA
  • https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM49KSCX-B-B1NA
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM49KSCX-B-B1NA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=tappx&endpoint=us-east
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssp.api.tappx.com/cs/usync?idmn=52&id=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b9bd3ce43b0f5c29a708abe94979ac15
Expires
0
pbs.gif
sync.colossusssp.com/ Frame 379D 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 260D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk56vCRarn8FuJ0kXuRTkZlrFjE-d7ryGVx-RQdTuDXmSFCZJmHGnVj0MZ8leMHowyN4NRR2Os8ok6Xafq2OSMVimQHgz-mFSncZJWkNuiidrg0sZ05Mv5dpFyEvztXqa703QzWx7_IF-EqTbf_3SKoA25gVDfIF8nOOpAtPfjJDsiaODuchgCLNgCAsv0hYRVLY2_DUB0NR_KU7cMRc8ZJtb2VAWL-tBmrOR5_myp6o-1XA58kn_6sobD9BPBrDXh5vXI8xLUQVNnSb94w_Gu1VvFu8Izriaip4jQiYVJ6KCsGX4bQP5BGfg_mLXXwF4juQt-NvzWYfI&sai=AMfl-YSBIOEQcMMcHXdh5cpdl7as82CDrn8GQIr2CTOZfLHJi6IxS-nQgHbNqv8F6REep9nnNRULrJai-0Em-LBcG0kSxQvgG316O6aoVLNTZOcSRgiDUpZfCGauQhU8bRU&sig=Cg0ArKJSzEPIvqh0Qg-TEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 260D 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
gX70kDBwIFvRK6eYdKlVyfGL2wxylpWg
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:23 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"b46160acc37e84b67938a57a16580cfc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2045
x-amz-cf-id
mPR6DvKKcWBlkwSDpDvUxn2aTeBD6riMsnx76iGIXeINWa-rRLodbw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 260D 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:26 GMT
setuid
prebid-server.rubiconproject.com/ Frame A5BD
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
150
expires
Thu, 01 Jan 1970 00:00:00 UTC
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame 4798 		190 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1451:14::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 04 Sep 2023 03:00:26 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F0FA 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6c2ded3639d4718652961cb86501042e3d73659f123e26d4c68d2f3626034ca2

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1665
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:26 GMT
Expires
0
Keep-Alive
timeout=1, max=492
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
setuid
sync.quantumdex.io/ Frame D84F
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf81095b4bc1-BUF
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:26 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:26 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
sync-iframe
cs-server-s2s.yellowblue.io/ Frame F733 		536 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9f5d5049f8b35d10681d9cbb884069cbb3467b8d415c06c36804a9ea6234ab69

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
536
content-type
text/html
date
Mon, 04 Sep 2023 02:30:26 GMT
server
istio-envoy
x-envoy-upstream-service-time
9
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7FD0 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101341
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:26 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame C237 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
b48d700842352e2dbc3982fe976c86be731d30d4fbb28f277d5c772d9ce025e3

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1074
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 4E97 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
0a9ce9bfeb09e96785ee5e001d63f5182a483e18230dc3731c24c8fffd0f6ced
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
864
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 796C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
164108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 04:55:18 GMT
expires
Sun, 01 Sep 2024 04:55:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B3D4 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
09bc427deaad15ac079441db6e59074f47ddeebec55fb51b33fa2ece3c791495
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pm3mRZuNxPR3Yi5iM9kmaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-pm3mRZuNxPR3Yi5iM9kmaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:26 GMT
expires
Mon, 04 Sep 2023 02:30:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
setuid
prebid-server.rubiconproject.com/ Frame A21B 		0
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Expires
0
Pragma
no-cache
content-length
0
content-type
text/html
sync
eb2.3lift.com/ Frame A210 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
691a79128c4ecdfbceaed1e676d4523893fbff6fbf061bdaf7194539ca5c34fc

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1384
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:26 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
183734-166492037162020.js
js-sec.indexww.com/ht/p/ Frame AF10 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183734-166492037162020.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Sep 2023 02:15:20 GMT
server
cloudflare
age
810
etag
W/"90206d-9fd2-6047f15018d95"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
8012cf813a5c36ab-YYZ
expires
Mon, 04 Sep 2023 06:30:26 GMT
1540_03681
track2.securedvisit.com/sync/ 		43 B
178 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track2.securedvisit.com/sync/1540_03681?id=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.60.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-60-244.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
private, no-cache, proxy-revalidate
server
nginx/1.22.0
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 7531 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
48e3faab-79de-43a7-a020-c6fd60d40dd7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je38u0&_p=373171656&cid=1789139906.1693794608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1693794607&sct=1&seg=1&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&dt=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&_s=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ 		0
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9c00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:26 GMT
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
lhZqtW8ZKPznJE1n9rlHXU8QZCxqtYa6FyPiANV9RkTjRzlZI02I9g==
x-cache
Miss from cloudfront
ot_multi_template.js
fo-static-usa02.omnitagjs.com/ Frame 6A0D 		499 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-static-usa02.omnitagjs.com/ot_multi_template.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-30.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
23d42c85b8de044716deef4fd88de6ab9edff8e0a198bc956a290b1bdae32204
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
pragma
public
last-modified
Thu, 30 Mar 2023 13:07:40 GMT
server
ayl-lb-fra02
etag
"6425899c-7cd64"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
false
cache-control
public, max-age=988
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Mon, 04 Sep 2023 02:46:54 GMT
rum
dsum-sec.casalemedia.com/ Frame F0FA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Date
Mon, 04 Sep 2023 02:30:26 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
recv
cm.gammaplatform.com/adx/ Frame F0FA
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=ambient-digital&ttd_tpi=1
  • https://cm.gammaplatform.com/adx/recv?pid=5&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.gammaplatform.com/adx/recv?pid=5&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
35.186.154.107 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.154.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

lws
126
date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
gzip
accept-encoding
utf-8
time-ms
0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
content-length
51

Redirect headers

location
https://cm.gammaplatform.com/adx/recv?pid=5&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:28 GMT
server
Kestrel
content-length
199
crum
dsum-sec.casalemedia.com/ Frame F0FA
Redirect Chain
  • https://trace.mediago.io/ju/cs/indexexchange
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 google
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=215&external_user_id=ee57f448535302e4cae242ff57a5b5b8
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
crum
dsum-sec.casalemedia.com/ Frame F0FA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
5386
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012cf845d5a4bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame F0FA 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F0FA 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame F0FA 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
QD9R9F73NN412633CRCY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
sync.quantumdex.io/ Frame F0FA 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf8459764bc1-BUF
content-length
43
content-type
image/gif
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame 4798 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Mon, 04 Sep 2023 02:45:26 GMT
async_usersync
ib.adnxs.com/ Frame 0317 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
4c4eb3ca-5ac8-42c1-964e-7bcd01e55644
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame C237 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
6e86a2ba-1f51-4a59-97e6-1516f9ad891e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame C237 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
an-x-request-uuid
3b3ce2d9-650b-4494-a341-58a1c5bf2fd1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame C237
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=9be4ed3c-c4eb-4966-94aa-5a7f63709496&dongle=d54f&gdpr=0&gdpr_consent=
Date
Mon, 04 Sep 2023 02:30:27 GMT
Connection
keep-alive
X-CI-RTID
5786e5c1-64af-472c-8a10-54b362cbf74f
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame C237
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=3723847017943428256&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=3723847017943428256&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=3723847017943428256&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame C237
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=tBqhGL_SEgdE6TJQpXUm&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5ORBHC2CHJRPVG...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=tBqhGL_SEgdE6TJQpXUm
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=tBqhGL_SEgdE6TJQpXUm
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:28 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=tBqhGL_SEgdE6TJQpXUm
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame C237
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&dongle=4430
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45&dongle=4430
Date
Mon, 04 Sep 2023 02:30:27 GMT
Connection
keep-alive
Content-Length
137
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame C237 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-198.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame C237 		43 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.72.213.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-72-213-198.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame C237
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame C237 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
cksync.php
contextual.media.net/ Frame F733 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:27 GMT
/
csync.loopme.me/ Frame F733 		0
0
setuid
sync.quantumdex.io/ Frame F733 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=wTUvU2M-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf8499784bc1-BUF
content-length
43
content-type
image/gif
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame F2B5 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794626935
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59586, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A&gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
23 B
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
52.3.219.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-219-49.compute-1.amazonaws.com
Software
gunicorn /
Resource Hash
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
23
content-type
text/plain

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794629855047-261
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 9849 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794627002
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59586, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 9849 		0
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A&gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A&gdpr=0&gdpr_consent=null
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=null
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3Dnull&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=null&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794632930071-293
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 0F45 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794627039
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59586, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 0F45 		0
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794633595039-319
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://cms.quantserve.com/pixel/p-VtN-a_yLd-GB-.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=OD8h3zo6dNojb3KLNmlq3zxvc9MjP3-LODmsomA9
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=OD8h3zo6dNojb3KLNmlq3zxvc9MjP3-LODmsomA9
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://eb2.3lift.com/xuid?gdpr=0&mid=5316&dongle=fa68&xuid=OD8h3zo6dNojb3KLNmlq3zxvc9MjP3-LODmsomA9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://triplelift-match.dotomi.com/match/bounce/current?networkId=74572&version=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881027&gdpr_consent=&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881027&gdpr_consent=&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://eb2.3lift.com/xuid?mid=6732&dongle=38F&xuid=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881027&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/trl?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7255&xuid=AACX7E7J6oIAACoiJc0fIg&dongle=bzwx&gdpr=0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7255&xuid=AACX7E7J6oIAACoiJc0fIg&dongle=bzwx&gdpr=0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7255&xuid=AACX7E7J6oIAACoiJc0fIg&dongle=bzwx&gdpr=0
Date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=62&redir=%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3690%26xuid%3D%5BMM_UUID%5D%26dongle%3D3995%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3690&xuid=d0a664f5-4137-4e00-931c-0b407a189fe2&dongle=3995&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3690&xuid=d0a664f5-4137-4e00-931c-0b407a189fe2&dongle=3995&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
MT3 1031 59fd23a master ord ord-pixel-x16 config_version:"1969"
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://eb2.3lift.com/xuid?mid=3690&xuid=d0a664f5-4137-4e00-931c-0b407a189fe2&dongle=3995&gdpr=0&gdpr_consent=
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 04 Sep 2023 02:30:26 GMT
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/RVF22VSl?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3657%26xuid%3D%24%7BTM_USER_ID%7D%26dongle%3D3c0a%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3657&xuid=ZPVBNgANs6j7wQAb&dongle=3c0a&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3657&xuid=ZPVBNgANs6j7wQAb&dongle=3c0a&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-served-by
cache-yyz4578-YYZ
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693794627.345310,VS0,VE0
x-cache
HIT
location
https://eb2.3lift.com/xuid?mid=3657&xuid=ZPVBNgANs6j7wQAb&dongle=3c0a&gdpr=0&gdpr_consent=
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4945&xuid=ad3c3e1d-5562-463a-9909-5fe7873052b0&dongle=31ac&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4945&xuid=ad3c3e1d-5562-463a-9909-5fe7873052b0&dongle=31ac&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
//eb2.3lift.com/xuid?mid=4945&xuid=ad3c3e1d-5562-463a-9909-5fe7873052b0&dongle=31ac&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=C14E48D5177140E2A6F7C142966EB206&dongle=yf3
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7969&xuid=C14E48D5177140E2A6F7C142966EB206&dongle=yf3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://eb2.3lift.com/xuid?mid=7969&xuid=C14E48D5177140E2A6F7C142966EB206&dongle=yf3
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 03 Sep 2023 02:30:27 GMT
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://us.creativecdn.com/cm-notify?pi=triplelift&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6547&xuid=BfCE3hDnG2SOJFTOP3fi&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6547&xuid=BfCE3hDnG2SOJFTOP3fi&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=6547&xuid=BfCE3hDnG2SOJFTOP3fi&dongle=45fg&pi=triplelift&gdpr=0&gdpr_consent=
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT, Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieSyncTripleLift
rtb.adentifi.com/ Frame A210 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncTripleLift?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
xuid
eb2.3lift.com/ Frame A210
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?st=TRIPLELIFT&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6019%26xuid%3D_wfivefivec_%26dongle%3D465e%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=6019&xuid=F06qlvKX1QCZm45&dongle=465e&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=6019&xuid=F06qlvKX1QCZm45&dongle=465e&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:26 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0ee70030db19b748d@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://eb2.3lift.com/xuid?mid=6019&xuid=F06qlvKX1QCZm45&dongle=465e&gdpr=0&gdpr_consent=
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame A210 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 9404 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794627105
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59586, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 9404 		0
0
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=null
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=3175ac58-0d9d-47aa-b429-d8f42e050f30&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
0
0
setuid
prebid-server.rubiconproject.com/ Frame BFD7
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1693794626621.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gd...
  • https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212166994878779
0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212166994878779
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://prebid-server.rubiconproject.com/setuid?bidder=33across&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=212166994878779
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame BFD7
Redirect Chain
  • https://cs.admanmedia.com/ad78321e103d19bf85068e7bf407c77f.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D121%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=121&us_privacy=&xu=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
  • https://events-ssc.33across.com/match?bidder_id=121&external_user_id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=121&external_user_id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=121&external_user_id=c71bb500-7d1c-4182-b47d-bb1d4ea32a08&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame BFD7
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc1MDI2NzU4Mi90LzI/url/https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D44%26ts%3D1693794626621.3%26us_privacy%3D%26xu%3D%24!%7BTURN_UUID%7D
  • https://ssc-cms.33across.com/ps/?xi=44&ts=1693794626621.3&us_privacy=&xu=3723847017943428256
  • https://events-ssc.33across.com/match?bidder_id=44&external_user_id=3723847017943428256&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=44&external_user_id=3723847017943428256&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
referrer-policy
unsafe-url
server
33XP004
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=44&external_user_id=3723847017943428256&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame BFD7
Redirect Chain
  • https://sync.1rx.io/usersync2/33across?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3D%5BRX_UUID%5D
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D43%26ts%3D123%26us_privacy%3D1---%26xu%3DRX-b3fc7ddc...
  • https://ssc-cms.33across.com/ps/?xi=43&ts=123&us_privacy=1---&xu=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
  • https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=43&external_user_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=1---
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
/
csync.loopme.me/ Frame BFD7 		0
0
match
events-ssc.33across.com/ Frame BFD7
Redirect Chain
  • https://pxl.iqm.com/i/ck/ttacross?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D123%26ts%3D1693794626621.6%26us_privacy%3D%26xu%3D%5BPUID%5D
  • https://ssc-cms.33across.com/ps/?xi=123&ts=1693794626621.6&us_privacy=&xu=5d5d937a-cdd5-4911-9e7d-07699aaba21c
  • https://events-ssc.33across.com/match?bidder_id=123&external_user_id=5d5d937a-cdd5-4911-9e7d-07699aaba21c&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=5d5d937a-cdd5-4911-9e7d-07699aaba21c&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:26 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=123&external_user_id=5d5d937a-cdd5-4911-9e7d-07699aaba21c&ts=1693794627&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame BFD7
Redirect Chain
  • https://cs.mobfox.com/4601c426c7c74dd7172eb80111ccb2bf.gif?redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D126%26us_privacy%3D%26xu%3D%5BUID%5D
  • https://ssc-cms.33across.com/ps/?xi=126&us_privacy=&xu=d258f3b0-ccdc-45a0-9fa4-fb4caaa811a3
  • https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d258f3b0-ccdc-45a0-9fa4-fb4caaa811a3&ts=1693794629&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d258f3b0-ccdc-45a0-9fa4-fb4caaa811a3&ts=1693794629&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=&gdpr_consent=&us_privacy=&id=zzz000000000002zzz&ru=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3D33across%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
referrer-policy
unsafe-url
server
33XP017
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=126&external_user_id=d258f3b0-ccdc-45a0-9fa4-fb4caaa811a3&ts=1693794629&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
init
gw.geoedge.be/api/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9c00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
Gz03Z5kb2vp5cjHJPlXd061s-t7e0nvlAm4pTWho-dbDGRsnbmgidA==
x-cache
Miss from cloudfront
ot_multi_template.js
fo-static-usa02.omnitagjs.com/ Frame 260D 		499 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-static-usa02.omnitagjs.com/ot_multi_template.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-30.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
23d42c85b8de044716deef4fd88de6ab9edff8e0a198bc956a290b1bdae32204
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
pragma
public
last-modified
Thu, 30 Mar 2023 13:07:40 GMT
server
ayl-lb-fra02
etag
"6425899c-7cd64"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
false
cache-control
public, max-age=987
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Mon, 04 Sep 2023 02:46:54 GMT
outstream-creative.js
ads.blogherads.com/static/ Frame 8922 		24 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/outstream-creative.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/chunks/float-and-scroll-chunk.6fa48da8dfa673bb496a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2185bec7021207aafdae627f04944bdf4da8c35d27a54c0dce4ffad77259083

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HZV4EYQS7PD00JW2
age
1803
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
K2dTgAE1gfHlLByimH4jegflyPqqU8GLiOP2HkkXi1bZMYmrXqPpkMY9dPEqHrvD17sWRq0KZc8=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:30 GMT
x-timer
S1693794627.210795,VS0,VE0
etag
W/"062d239a01e8a33fd7731ee6d55541b6"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
39
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:27 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:27 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:27 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:27 GMT
crum
dsum-sec.casalemedia.com/ Frame 2A60
Redirect Chain
  • https://um4.eqads.com/um/cs
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
43 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:27 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:30:27 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
tap.php
pixel.rubiconproject.com/ Frame 4E97 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=cRLv2PzVdPrHAM2cOnMVC-e3nz_QcvQS9HQwqyq2Tlk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
sync.quantumdex.io/ Frame 4E97 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=onetag&uid=cRLv2PzVdPrHAM2cOnMVC-e3nz_QcvQS9HQwqyq2Tlk
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf8469774bc1-BUF
content-length
43
content-type
image/gif
state
api.btloader.com/mw/ Frame 4798 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame 4798 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95791
x-guploader-uploadid
ADPycds1XBG3-wrLDO7IshK_DgZ9MgT_W1Gu8ABZlVZNFIs_8p6MprKeBKowtW5XGazcD2TWoheuS_-h-90Ii1tsSLdnAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FNbFcH62iOCVuz%2BbxfZjswuRU2D9nOXk2FNYXK%2Br3ajyVk8Mtb3EbewKxdNdup0%2BHDtvpYsHfwC8EBA4OctGA5w34lIoCA%2FQNOOtOTlBxFxw48rZwyJssJi039BLPqdtMoVTfdyGwkq83bBwyA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8012cf855dc44bc0-BUF
expires
Sun, 03 Sep 2023 00:53:56 GMT
favicon.ico
ad.doubleclick.net/ Frame 4798 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 20:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Sep 2023 20:41:40 GMT
px.gif
ad-delivery.net/ Frame 4798 		43 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6935714076614861
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95791
x-guploader-uploadid
ADPycds1XBG3-wrLDO7IshK_DgZ9MgT_W1Gu8ABZlVZNFIs_8p6MprKeBKowtW5XGazcD2TWoheuS_-h-90Ii1tsSLdnAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WubyHZ0Sf38ZccPNhq6TzucPqdqhFHZBRsrWw0%2BuC37YesurkXDc%2Bxr%2B0rV8qni7tFQaq4%2BV9bJh9yEDgEmPSTeydKCGTkbOOZzRKQX7JAIfbBwWRKAZX2OjAAkHu1IiDYBll2ckPA8eUiKxIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8012cf859dc64bc0-BUF
expires
Sun, 03 Sep 2023 00:53:56 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 6301 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
9948774e9b048321605cfef3aaf6d566addb2eb53c6823fa0c506d05cf2a6d5c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:27 GMT
Expires
0
Keep-Alive
timeout=1, max=491
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
openrtb
adx.adform.net/adx/ Frame 7923 		0
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
rtb.adxpremium.services/openrtb2/ Frame 7923 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
ea572956e3581f8805fff7c42c2b31a3c4902824a0e5cf78b5d96b12ea1717c7

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.nodserving.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1917
Expires
0
cdb
bidder.criteo.com/ Frame 7923 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=95646068262&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
77390a45ee324499d29a8ed051daf85943adde0c13e5fbf15afce4139619012d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://p.nodserving.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
ROS
pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ Frame 7923
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.4140224225983582&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.4140224225983582&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&cr...
324 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.4140224225983582&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=87223f4c-12fb-4b8a-a0a7-b201e56a3513
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0e949b4f700d3202d53bf39f0466f8f01c30f31904d8c163cf2b758e1e042fae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Mon, 04 Sep 2023 02:30:28 GMT
date
Mon, 04 Sep 2023 02:30:28 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.nodserving.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
324
x-sid
IAD-1215

Redirect headers

date
Mon, 04 Sep 2023 02:30:27 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.nodserving.com
location
/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.4140224225983582&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=87223f4c-12fb-4b8a-a0a7-b201e56a3513
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
IAD-1215
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame B3F9 		190 B
397 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:ae80:1451:14::1140 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 04 Sep 2023 03:00:27 GMT
truncated
/ Frame 6A0D 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf5042d32f70606e81c5dc869f64daa38c4b9187b17e2f01c986c32061338b54

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CF20 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
164109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 04:55:18 GMT
expires
Sun, 01 Sep 2024 04:55:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F108 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bf78c28c8eba54a6803828ef02f12bdda25d481e00658c84027298547f206b16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9CTdXr_xp2YX1tHVHJy5_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-9CTdXr_xp2YX1tHVHJy5_w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:27 GMT
expires
Mon, 04 Sep 2023 02:30:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
multitracking
ghb.spotim.market/adunit/ Frame 4798 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Mon, 04 Sep 2023 02:30:26 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
usermatch
ssum-sec.casalemedia.com/ Frame D9CF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
fe3433d10b861b314ff938563faaadc26c2948c5ab4e797334e40cd23b404750

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:27 GMT
Expires
0
Keep-Alive
timeout=1, max=490
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
76929
i.liadm.com/s/ 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/76929?bidder_id=204553&bidder_uuid=HQzWZQZHTprevADoQOeL11M1&rnd=3810
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.108.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-108-181.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
usersync.php
ssp.api.tappx.com/cs/ Frame 9AC9 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b35afe8c225a88a7ee1abd1d87b06ee65d1c6a7dfcc77e773c682b33b95f77f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:27 GMT
server
nginx
transfer-encoding
chunked
ROS
pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ Frame 8419
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.25058877364703736&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&f...
  • https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.25058877364703736&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&c...
324 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.25058877364703736&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=aa383d1e-9b5f-45d8-a2cf-ba92691430f1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0e949b4f700d3202d53bf39f0466f8f01c30f31904d8c163cf2b758e1e042fae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Mon, 04 Sep 2023 02:30:27 GMT
date
Mon, 04 Sep 2023 02:30:27 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.medocdn.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
324
x-sid
IAD-1215

Redirect headers

date
Mon, 04 Sep 2023 02:30:27 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.medocdn.com
location
/hb/1/2e43c/1/www.shefinds.com/ROS?ct=1&r=pbjs&rnd=0.25058877364703736&e=300x250_0%3A300x250%2C336x280%2C320x250&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=aa383d1e-9b5f-45d8-a2cf-ba92691430f1
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
IAD-1215
auction
rtb.adxpremium.services/openrtb2/ Frame 8419 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
57fb1541c9c15b51370d3d8148e9f05c4fa413f9a4c2d407f872f9c576e92ba3

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.medocdn.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1917
Expires
0
openrtb
adx.adform.net/adx/ Frame 8419 		0
619 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
cdb
bidder.criteo.com/ Frame 8419 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=3954160171&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a23e6046c20c4b7a248a69d6b21410e1149ca9e531ab5561fa88f8a691d75a88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://p.medocdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
px.gif
ad-delivery.net/ Frame B3F9 		43 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95791
x-guploader-uploadid
ADPycds1XBG3-wrLDO7IshK_DgZ9MgT_W1Gu8ABZlVZNFIs_8p6MprKeBKowtW5XGazcD2TWoheuS_-h-90Ii1tsSLdnAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RoK1S7mVIptTiQYVkJu%2Fazs1OO%2Bzd%2B7q5lku%2B34T8bkOjW3%2BZ1rUXnvaemQU%2FU2iRNrMEvMfEUJCr%2Bu8DXB5Vq%2BPl46ZlJ51UxPmwMqEmo5yvHeptcAd9VS29eN5wqv%2FdKdVP%2FN9TMnwpw6wXA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8012cf85ddc84bc0-BUF
expires
Sun, 03 Sep 2023 00:53:56 GMT
favicon.ico
ad.doubleclick.net/ Frame B3F9 		1 KB
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 20:41:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20927
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 04 Sep 2023 20:41:40 GMT
state
api.btloader.com/mw/ Frame B3F9 		0
39 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame B3F9 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9778377366955684
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
95791
x-guploader-uploadid
ADPycds1XBG3-wrLDO7IshK_DgZ9MgT_W1Gu8ABZlVZNFIs_8p6MprKeBKowtW5XGazcD2TWoheuS_-h-90Ii1tsSLdnAA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DUgIsBWOEBANu2lAlULsWyCOA0FJuWQd7K%2FT8dH%2BE5FPhXsGckt6OFT4dgnSFufLfY7jXb7KkzS4KDV5cElyLyqqWR4%2FzJRW0kaUxzeLVpH0kVSw05GOPcGgQHAPkfOxtCDOrgUvH%2BxWPa14A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
8012cf85ddc94bc0-BUF
expires
Sun, 03 Sep 2023 00:53:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=HLiTh2iyUpl_l7NZChyoE2AJ-S0
Date
Mon, 04 Sep 2023 02:30:27 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
user-registering
ads.stickyadstv.com/ Frame 6301
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
0
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 6301
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 6301
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&us_privacy=1---&cm_callback_url=https%3A%2F...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=495
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
3785
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012cf887d7a4bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
csync.loopme.me/ Frame 6301 		0
0
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 6301 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-01105f842.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jlKR5jiJRSI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dcm
s.amazon-adsystem.com/ Frame 6301 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4Y3A0ZCSA1N2HQ2SFDGQ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 6301 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43891
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf88b9de39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:27 GMT
truncated
/ Frame 260D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
249f04cf76057709c4f1cb55979d9e2e3dfd9b72374b51207570b00fdfd7a18d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame B3F9 		223 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.91.102.49 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-102-49.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
gzip
last-modified
Tue, 22 Aug 2023 17:51:49 GMT
server
Apache
etag
"37c41-60386a6319d17-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
66128
expires
Mon, 04 Sep 2023 02:45:27 GMT
setuid
sync.quantumdex.io/ Frame 1157 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf86597f4bc1-BUF
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:27 GMT
server
cloudflare
AVmanager.js
player.aniview.com/script/6.1/ Frame 6B73 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js?v=1&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
08a2fbf551787398b8b831d56201b2f9595ae2819df8149acd5fe50a592428f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv0HuQOD6a6hkg04pYCe7O1_0wjFYm61KKdhdKmPkaSLXvZlDhD3GAGknch9YRN8N2yRSYMqxaypz7OXN21FWgf
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130516
last-modified
Sun, 03 Sep 2023 06:24:16 GMT
server
UploadServer
etag
"cf6e07b0fe9b65875d84898a04bedbb3"
vary
Accept-Encoding
x-goog-generation
1693722256381290
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=8kqKHQ==, md5=z24HsP6bZYddhImKBL7bsw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130516
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:27 GMT
config.json
player.adtelligent.com/exchange_rates/279896/ Frame EF3F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Sep 2023 02:30:27 GMT
date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 12:02:23 GMT
server
nginx
etag
W/"64f3244f-857"
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
max-age=172800
x-proxy-cache
HIT
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame EF3F 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
gX70kDBwIFvRK6eYdKlVyfGL2wxylpWg
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:23 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"b46160acc37e84b67938a57a16580cfc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2046
x-amz-cf-id
uR1NG0guZZVYx775w5awd7t9OKd9xl0mcGQVsarwLmcqeui4KL8cmA==
grumi.js
rumcdn.geoedge.be/e45fe746-6bec-4139-b231-60c8b14c4edf/ Frame EF3F 		408 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e45fe746-6bec-4139-b231-60c8b14c4edf/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c1f04fe21bbede0244ae0224bdf117c5568ec2507e1e82a70ebb76b3943f1d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:23 GMT
x-amz-version-id
7ec0PaVLgKi3E9ThIzVfMn8riTKujqcU
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:39:00 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"887003bb13f01a9e82c2ecc06949e35e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2045
x-amz-cf-id
W13vfiSQunxyvr5RN2qzuOEdAJmUPN47bnu3zcTnJyz0JLAEBvyKKw==
grumi.js
rumcdn.geoedge.be/e7e836b2-5142-430d-88d8-befe5ce3fea8/ Frame EF3F 		631 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e7e836b2-5142-430d-88d8-befe5ce3fea8/grumi.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33919f57d472baddb3985ea21ce1bd9ae67245b32e079873d29e13c8a5792a4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:23 GMT
x-amz-version-id
Y7zHKWtk5em6zJf9kI28wTzKB_brzJWi
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:26 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"68101b4f7d4cefcd48ee5f099e56f31e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2045
x-amz-cf-id
tqC06YvbiMYlTA2zBNudw5MUxCwgxZ6MW_ZolAm1y3GvnXTwuWFurA==
6.9a16801caca75de51f76.js
ads.blogherads.com/static/chunks/ Frame 8922 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/6.9a16801caca75de51f76.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eaef5512d357749b8b67afcbc14f1f8142782d78b2bc63a45a3743b724499296

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9ZNE2AJMKH934BTC
age
1804
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
/ZqIPL9SDYHH+5DYU5Egse/DYcq3jyvbij4oEepYKI17y+YHkwwJtt4sEu8ZFvTtgoO5DVUQrLk=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794628.766080,VS0,VE0
etag
W/"9a0dc0236a0f23dbc45173c0327da9a5"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
50
7.37b48ce6bb747213c697.js
ads.blogherads.com/static/chunks/ Frame 8922 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/7.37b48ce6bb747213c697.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f55c81bdb3f78501328d113278a91beca92f5743976b7df7f57f1a6c20c8cb9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9ZN3Z6AE5T3WB7S2
age
1804
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ZDfu6LylmH2gtjTDSqSVs2LEZ/NN8LOhCwNROvFmjartnO3JU7ltsCzdhx946pBJhuv3AjlhALw=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794628.766047,VS0,VE0
etag
W/"bd4532813580d7940222ba535b06fdfa"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
50
36.bfd587a3f8b4f9fdee8d.js
ads.blogherads.com/static/chunks/ Frame 8922 		943 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/chunks/36.bfd587a3f8b4f9fdee8d.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e69f5fc00bc8a4343aaa025e8c9ce3345ef0ddc644e5e06f5b91dcb1c0c3c36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
9ZN4TXGGXP1AVK35
age
1804
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
ZJSWvD96rRgU1iJzofSzaBYEKywMBBgOoX96hyoh974rubMZN/3CnR6XZlnKyATcfI8mKPCTpyY=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:32 GMT
x-timer
S1693794628.766373,VS0,VE0
etag
W/"0d530e3b44970dc7e69cd9b2518d4191"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
50
boomerang-client.js
ads.blogherads.com/static/ Frame 8922 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.blogherads.com/static/boomerang-client.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c4a478f209dddd433c1849f661b71160f14ad996c9c075e5f4b7fbeb21d1bf0f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HZV561WHZ52SDG95
age
1803
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-id-2
GMNGpWtxeT/yiDgZXcb0tLP63TwEygUZonBIQrPVMXmbBxdipP3M8alAGbxgaPyspoVNGwYCTVQ=
x-served-by
cache-yyz4527-YYZ
last-modified
Fri, 01 Sep 2023 00:04:30 GMT
x-timer
S1693794628.767586,VS0,VE0
etag
W/"f4b7dbaeb313299eb47e0873bc496740"
vary
accept-encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400, stale-while-revalidate=3600
accept-ranges
none
x-cache-hits
56
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8922 		356 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/outstream-creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125515
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:27 GMT
ium
ssum-sec.casalemedia.com/ Frame D9CF
Redirect Chain
  • https://ids.ad.gt/api/v1/index?cb=https%3A%2F%2Fssum-sec.casalemedia.com%2Fium%3Fsourceid%3D15%26uid%3D&us_privacy=1---
  • https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eallbkallfh6iae6dg8be9iadce9ehkalcabackkc2jl&us_privacy=1---
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eallbkallfh6iae6dg8be9iadce9ehkalcabackkc2jl&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
0

Redirect headers

location
https://ssum-sec.casalemedia.com/ium?sourceid=15&uid=0001yum0eallbkallfh6iae6dg8be9iadce9ehkalcabackkc2jl&us_privacy=1---
date
Mon, 04 Sep 2023 02:30:32 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf880dd94bc0-BUF
content-type
text/html; charset=utf-8
user-registering
ads.stickyadstv.com/ Frame D9CF
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=NjdmODgzNzE2NDJmYjk3NGVmNDZlYmRlMWZmOGE2&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEMFMCvRJxhEVucABoPBOZe0&google_cver=1&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=561&userId=fae2f914-4aca-11ee-872e-d4bc0acdf791
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame D9CF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame D9CF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D9CF 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame D9CF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:28 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MEB42H65VKF5N75P3HCV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D9CF
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&us_privacy=1---&cm_callback_url=https%3A%2F...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
7566
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662104814330646
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012cf8b4d9c4bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame D9CF 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43892
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf8b5e6339c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:28 GMT
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 6A0D 		49 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=b04bc38658f047ac01154659bbabfbcd
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
info-ayl.svg
fo-static-usa02.omnitagjs.com/fo-static/native/images/ Frame 6A0D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fo-static-usa02.omnitagjs.com/fo-static/native/images/info-ayl.svg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-30.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
d85b0c45e4dcbe764a9f4750e9189f9167f947d68be7fb60626155c043ebf09b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
3443
pragma
public
last-modified
Tue, 28 Mar 2023 13:42:02 GMT
server
ayl-lb-fra02
etag
"6422eeaa-d73"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=767
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Mon, 04 Sep 2023 02:43:14 GMT
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 6A0D 		49 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=IMPRESSION&attempt=b04bc38658f047ac01154659bbabfbcd&campaign=e2a82912438eaa7d2f234f778f82c274&beta=false
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
49
expires
0
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 6A0D 		49 B
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=INSERTION&attempt=b04bc38658f047ac01154659bbabfbcd&campaign=e2a82912438eaa7d2f234f778f82c274
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
headerstats
as-sec.casalemedia.com/ Frame AF10 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame AF10 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfFyQXwy1UuFoxbX2na1VGHmomniE9Wm5WFtuSD1hBiYaydOdFGSULOoy8DfIo1Zo8kgoJUOMlWQkMeFt8Xj-MhhF9RTJ_tgE4CEPyqzPWvkAd3meV7FpUO-4Fg1CK211kbRYd6iL4ZJs2l2Zlyp8HIlfa0wYdaryZX48NLNadmB5ggnbibacJdEP6ArEFd0PsUzhqw1lds18ORUfxM5kCdUlrUpji8Nq_gqCGJ4d2mHzCuhDSOsco_OooaefN8R9V8cxYxY0fKR_Kta1UyzhH2FBXiuupxcRif5-R4NAKLc_u5wBXgdK21xMzhceNFmx0o6AHyNHsHg&sai=AMfl-YTTPCXtEaru1uGOMzVuMsbC7Z_1WOndgfhw7fyS_eurl04hg1urFOJJ9y7wUJnkWJNUCPRaYcjPvu7QvX6V1Dk3TwoYVT5SvvfE6J6cVFgF6AyT09mn5JUkSjlrj2gWm0_ge5XMGenR1-iYMm7WMKw&sig=Cg0ArKJSzAyIZG6RR_S4EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:27 GMT
/
csync.loopme.me/ Frame 9AC9 		0
0
usync
ssp.api.tappx.com/cs/ Frame 9AC9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=7482893443
  • https://sync.1rx.io/usersync/beeswax/AACX7E7J6oIAACoiJc0fIg
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3DRX-b3fc7ddc-d062-4187...
  • https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&auxuid=
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&auxuid=
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
transfer-encoding
chunked
content-type
text/html; charset=UTF-8

Redirect headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ssp.api.tappx.com/cs/usync?idmn=162&type=iframe&id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&auxuid=
Content-Type
text/html
Connection
keep-alive
setuid
prebid-server.rubiconproject.com/ Frame 9AC9 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=tappx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=c2daf9e7-47e6-49b9-b795-e5324b079ad1f1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame B3D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=2138938937412773&rc=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame 132C
Redirect Chain
  • https://um4.eqads.com/um/cs?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
43 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:27 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:30:27 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657027
setuid
prebid-server.rubiconproject.com/ Frame BDE9
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
86 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
150
expires
Thu, 01 Jan 1970 00:00:00 UTC
prbds2s
rtb.gumgum.com/usync/ Frame ABDA 		2 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.116.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-116-249.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c1386718a8ec989b9968427a08fa8e0de0a6d61da8ade2ea506d49a3b370fe0e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
etag
W/"0d62d8d7073f37b82697de1648c07a65e"
server
nginx
timing-allow-origin
*
/
ghb.spotim.market/geo/ Frame EF3F 		158 B
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/geo/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.spotim.market/adunit/ Frame EF3F 		43 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=31&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=49l722.z3&features=81953&vpbv=R169&tte=3088&lifecycle_tte=3405
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
j.html
p.safeservingcdn.com/prebidlink/19604/ Frame 63B3 		1 KB
888 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/19604/j.html?i=11598
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=172800
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:28 GMT
etag
W/"620bee41-43d"
expires
Wed, 06 Sep 2023 02:30:28 GMT
last-modified
Tue, 15 Feb 2022 18:17:37 GMT
server
nginx
csyncs
ghb.spotim.market/ Frame EF3F 		751 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/csyncs?aid1=730717&aid2=744459&aid3=767137&aid4=767587&aid5=833229
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b7c513688c795561881700a98914e119134e8501bff14df90bc0340824b26f51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:27 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
372
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame 379D
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp...
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=1132783314
  • https://sync.1rx.io/usersync/beeswax/AACX7E7J6oIAACoiJc0fIg
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
multitracking
ghb.spotim.market/adunit/ Frame B3F9 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Mon, 04 Sep 2023 02:30:27 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
prebid
prebid.deepintent.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
a /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-max-age
3600
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Mon, 04 Sep 2023 02:30:27 GMT
server
a
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cdb
bidder.criteo.com/ Frame EF3F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=185&av=34&wv=7.37.3&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cb=60918007987
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d01d9248154fcc28c73bc1d1472645b8975d7f4a7d627378131b1b565d74c8e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ Frame EF3F 		24 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.37.3
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
032df67c428810f3b83d34189f338a6a807e0c2133e5f429d4089ff2dba81589

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:28 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF3F 		472 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=2%2C16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=18d96fe1-7d16-4eb8-8de5-6daebe5cc07c&l_pb_bid_id=9706f40c877daf&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&slots=1&rand=0.8882971092354264
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f61118c22c99bf2b12b877fc454591b2bed78c0105bbe4a0585526338c7c2187

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
472
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF3F 		473 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2290542&size_id=15&alt_size_ids=2%2C16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=18d96fe1-7d16-4eb8-8de5-6daebe5cc07c&l_pb_bid_id=1009806eb825ee1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&slots=1&rand=0.9011715957426492
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
64f0a7fccc0ceb14ee0994228dc339addfc8dfd423b601b21a3ad44b17e9703d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF3F 		473 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418298&size_id=15&alt_size_ids=2%2C16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=18d96fe1-7d16-4eb8-8de5-6daebe5cc07c&l_pb_bid_id=115f04a44dd76d9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&slots=1&rand=0.30103448441653824
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
46a55ca0d9edd7a333c6d0e7ac11bfc3bc884ff67803cd3b9afaedccdc790560

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF3F 		473 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2418378&size_id=15&alt_size_ids=2%2C16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=18d96fe1-7d16-4eb8-8de5-6daebe5cc07c&l_pb_bid_id=122b251cfb43fab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&slots=1&rand=0.19702906619134009
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
4bd2bd5daa03576633f75d06388ff085cd188ec182e02c5d90781c7d51c1b883

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame EF3F 		473 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2498916&size_id=15&alt_size_ids=2%2C16%2C159&us_privacy=1---&rp_schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,&eid_id5-sync.com=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA%5E1%5E&eid_pubcid.org=d97c4339-b959-448c-8222-96c0c7a2480c%5E1&eid_spotim.market=0d352daf-04c4-4bf7-b665-23cc0cfe7134%5E1&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.pbadslot=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&tk_flint=pbjs_lite_v7.37.3&x_source.tid=18d96fe1-7d16-4eb8-8de5-6daebe5cc07c&l_pb_bid_id=13b7fd4187b9865&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F39694909%2C22607427172%2FConversationDisplay%2FCD-GeneralDes%23div-gpt-ad-1644400642420-0&slots=1&rand=0.4572720576235272
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ee41b79beba26483605d00c7aeea29466de98c8cd65bbe53b4e93b9e25400794

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
473
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ Frame EF3F 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=185&av=34&wv=7.37.3&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cb=82684825024
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
d1f44e671a9c3fd6f883e3ef7c04150c97675f3d76099b21550af0c1ccfe9257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
unruly_prebid
targeting.unrulymedia.com/ Frame EF3F 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.127.204.163 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.shefinds.com
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ Frame EF3F 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
an-x-request-uuid
a2bbd6c2-81ed-44b4-ba07-fdcaec494f9e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame EF3F 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bids
prebid-eu.creativecdn.com/bidder/prebid/ Frame EF3F 		0
178 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:28 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
arj
spot-im-d.openx.net/w/1.0/ Frame EF3F 		189 B
453 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=18d96fe1-7d16-4eb8-8de5-6daebe5cc07c%2C18d96fe1-7d16-4eb8-8de5-6daebe5cc07c%2C18d96fe1-7d16-4eb8-8de5-6daebe5cc07c&nocache=1693794628154&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&us_privacy=1---&id5id=ID5*kRC90BwzaTDuNmG8qtXPP5kNELI1SFUElvmuP39A4g9fVSBo1SH0of9bN43JLzUyX1bqlUOgxPA-YAAE_RnvpA&pubcid=d97c4339-b959-448c-8222-96c0c7a2480c&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&aus=300x250%2C728x90%2C320x250%2C336x280%7C300x250%2C728x90%2C320x250%2C336x280%7C300x250%2C728x90%2C320x250%2C336x280&divids=div-gpt-ad-1644400642420-0%2Cdiv-gpt-ad-1644400642420-0%2Cdiv-gpt-ad-1644400642420-0&aucs=%252F39694909%252C22607427172%252FConversationDisplay%252FCD-GeneralDes%2523div-gpt-ad-1644400642420-0%2C%252F39694909%252C22607427172%252FConversationDisplay%252FCD-GeneralDes%2523div-gpt-ad-1644400642420-0%2C%252F39694909%252C22607427172%252FConversationDisplay%252FCD-GeneralDes%2523div-gpt-ad-1644400642420-0&auid=540934835%2C556580685%2C559524499
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7c3e28378658977dcedf50881c5b9c15cf230fac7ca91de05bf84b112e31a037

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.shefinds.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
177
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ Frame EF3F 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&PageUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&PageReferrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&CanonicalUrl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
9baea8d193994ee4c35764f8965fee1c2213db2278a0a0bfd6347252e8b4836a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
190
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
ghb.adtelligent.com/v2/auction/ Frame EF3F 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e6c54a23c0752a56383e49234bc04160e565a8b987089d96107cd6060c4fae9d

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:28 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
764
v1
prg.smartadserver.com/prebid/ Frame EF3F 		0
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.105.14.96 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
23.105.14.96.rdns.racklot.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:27 GMT
vary
Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EF3F 		37 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb21b6cb45c56256ced8bcae650594f3e14c8bcee7013572554576a070d3927a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWzDSWF%2BsKp3ZGgPJ%2B0SxIbHBdywMr4R7gE3ccb%2BHf0gbiz3Ld7WZynE7gwYPBCKLj9dZqTtL%2FqRu85no3gS7ayXZxyvMA7XX2Y7wWzmrMKGzyV4ld523jl9Siu9nEIdFaUK4WYt"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf8a1d32542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame EF3F 		37 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=356568
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb21b6cb45c56256ced8bcae650594f3e14c8bcee7013572554576a070d3927a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3KE4pR1pe75Wj%2FAC3Bn2cHzXNrJ%2F6%2FGSd3TyACFN%2FPQrG%2BnMTmLzv5JkWKSLtFFjPktJDVAkrbKDbMQ4gOh3XCIjIUp4Kr5l5z0Bj9rFiEASE4yJm1M7mbggvZFiaLrfOdRZNHG"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf8a1d34542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
translator
hbopenbid.pubmatic.com/ Frame EF3F 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
prebid.deepintent.com/ Frame EF3F 		0
41 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.deepintent.com/prebid
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:27 GMT
server
a
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST, GET, OPTIONS, DELETE
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, X-CSRF-TOKEN
c
prebid.a-mo.net/a/ Frame EF3F 		0
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:27 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
106
server
envoy
vary
origin, Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
467363
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 4798
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFp...
  • https://mug.criteo.com/sid?cpp=Cl8IU3xtaGxpVnBERlp5MXppNjFVbXNtRjBkbmhYeVhSQldvQ1NxN3UvREVVc29lazFjbFVQcG9lQnJmbm1oa1BmdlVVeEV5bEZpVEpWTVRnd2FTRlZYanVxZ3ZyNzkyYWFBK1E0T3czU0wzQVp2eUVURG1MUzR5Tmd6aV...
421 B
696 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cl8IU3xtaGxpVnBERlp5MXppNjFVbXNtRjBkbmhYeVhSQldvQ1NxN3UvREVVc29lazFjbFVQcG9lQnJmbm1oa1BmdlVVeEV5bEZpVEpWTVRnd2FTRlZYanVxZ3ZyNzkyYWFBK1E0T3czU0wzQVp2eUVURG1MUzR5Tmd6aVMwVUxySXFnaU55emlOaDFmeVhqMEJRaDVwVk9sSVJqaDFJeXYyVWFBL2t1K3VNYnRpVGM2cG9IQXc0RG4rckc2QVptR2NYVVRWTDltOTBaaG5ZZlJveHh1Q096M3B3YmFRU0FNY3lFVnl2eVJ5dVlDMDhINVpPaUUwLyt0cjd1MGFCQWRhbkxna0JWam9PcVlMMDZ2MXBleU5haGZ1VENIdS9ISWFTYkE5YmtKOG1jem0xTT18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c902bcfe3acffa2a982753f421547f5d090043271051a4b8bc7b245921a16386
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1150386
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
location
https://mug.criteo.com/sid?cpp=Cl8IU3xtaGxpVnBERlp5MXppNjFVbXNtRjBkbmhYeVhSQldvQ1NxN3UvREVVc29lazFjbFVQcG9lQnJmbm1oa1BmdlVVeEV5bEZpVEpWTVRnd2FTRlZYanVxZ3ZyNzkyYWFBK1E0T3czU0wzQVp2eUVURG1MUzR5Tmd6aVMwVUxySXFnaU55emlOaDFmeVhqMEJRaDVwVk9sSVJqaDFJeXYyVWFBL2t1K3VNYnRpVGM2cG9IQXc0RG4rckc2QVptR2NYVVRWTDltOTBaaG5ZZlJveHh1Q096M3B3YmFRU0FNY3lFVnl2eVJ5dVlDMDhINVpPaUUwLyt0cjd1MGFCQWRhbkxna0JWam9PcVlMMDZ2MXBleU5haGZ1VENIdS9ISWFTYkE5YmtKOG1jem0xTT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
414838
content-length
0
expires
0
rid
match.adsrvr.org/track/ Frame 4798 		108 B
887 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
264ddadc2de6c3803a3989b31228cf6a62287463552e10036dc0e2b40b8b48ea

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 04 Oct 2023 02:30:28 GMT
csync
sync.spotim.market/ Frame AF1D
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:27 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:28 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
X-Sovrn-Pod
ad_ap7ewr1
/
onetag-sys.com/usync/ Frame ED05 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693794624347&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
d956a3ba29b5004b9fb06c9d3597cb214d7f6ed351660ba533e813155e1bc05b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
827
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E044 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101339
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 2546 		184 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
30811f9af1c96e4bb1d57ba56bd1ce1554c36b4ffb0a6f87168bab6a76b10d3a

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:27 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
1
/
onetag-sys.com/usync/ Frame 828B 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
3c645a4b8aa2cc8552d0511ebb73dc04bcd4551f3b4cb71dae868f22649b6ddd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
917
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 4C88 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 269D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A50B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101339
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 073D 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8a5e6d36ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
csync
sync.spotim.market/ Frame 0964
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:27 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9cef3f89-4a0a-4e7b-a09b-dab9f79a6749
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
syncpixel.html
cdn.deepintent.com/ Frame 65E6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Mon, 04 Sep 2023 01:52:16 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ADPycdvmr68H6uuHn_J2x5009Ydjal_0U2re6ZjrUrzfukXGfnhk8RND40bk4T70HedxVKU6LyDDf0pbpH77bb68Uz8oRQ
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT, Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Date
Mon, 04 Sep 2023 02:30:28 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
49 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
info2
uipglob.semasio.net/sonobi/1/ Frame 4798
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Frontend-ID
6
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/sonobi/1/info2?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
all
ssl-market-east.smrtb.com/sync/ Frame 4798 		0
0
30907
tags.bluekai.com/site/ Frame 4798 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:28 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=sonobi&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1813050723370043128&expires=30&ssp=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
49 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:27 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
49 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Mon, 04 Sep 2023 02:30:28 GMT
server
Apache-Coyote/1.1
content-length
0
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usg.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDdmMDY0YmItNzViOC00MmYzLWE5OTMtMmU5ZGVjNTNmM2Jj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
49 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
date
Mon, 04 Sep 2023 02:30:28 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
ibs:dpid=87880&dpuuid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
dpm.demdex.net/ Frame 4798 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-0cbfa4a36.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Ph/RWYQkR9Q=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=07f064bb-75b8-42f3-a993-2e9dec53f3bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
49 B
743 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
77c2c2de-7d2b-4d31-a64d-e76a4a5e2882
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
49 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362248.gif
idsync.rlcdn.com/ Frame 4798
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=4d75faa76af0d0cdccc06ad51ee7cb0f4b920d7bf715165cb3c9b298e7776d87b0da87c991749652&redir=https%3A%2F%2Fidsync.rlcdn.com%2F362248.gif%3Fpartner_uid%3D%24%7BD...
  • https://idsync.rlcdn.com/362248.gif?partner_uid=48096718709407920331769723118062651737
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362248.gif?partner_uid=48096718709407920331769723118062651737
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

DCS
dcs-prod-va6-1-v049-072f07af8.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
JntWZeMCRxs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://idsync.rlcdn.com/362248.gif?partner_uid=48096718709407920331769723118062651737
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/ Frame 4798
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
date
Mon, 04 Sep 2023 02:30:28 GMT
server
Kestrel
content-length
227
user-sync
sync.adkernel.com/ Frame 4798 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
usersync
match.bnmla.com/ Frame 4798 		0
0
usersync.php
ssp.api.tappx.com/cs/ Frame EAE3 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
4b35afe8c225a88a7ee1abd1d87b06ee65d1c6a7dfcc77e773c682b33b95f77f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx
transfer-encoding
chunked
usync.html
eus.rubiconproject.com/ Frame B90F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame B290 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8b1f6b36ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6C1E 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 7531 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
an-x-request-uuid
bc3e3018-1410-4004-93aa-d92332c0569f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame FA68
Redirect Chain
  • https://um4.eqads.com/um/cs?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657028
43 B
631 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657028
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:28 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

cache-control
no-cache
content-length
0
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=bc246ce7-03e8-4515-9464-ed55fdde1a9c&expiration=1701657028
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 260D 		49 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=04522f80b53c4122e897a1d60513b8e9
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
info-ayl.svg
fo-static-usa02.omnitagjs.com/fo-static/native/images/ Frame 260D 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fo-static-usa02.omnitagjs.com/fo-static/native/images/info-ayl.svg
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-30.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
d85b0c45e4dcbe764a9f4750e9189f9167f947d68be7fb60626155c043ebf09b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
3443
pragma
public
last-modified
Tue, 28 Mar 2023 13:42:02 GMT
server
ayl-lb-fra02
etag
"6422eeaa-d73"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=766
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Mon, 04 Sep 2023 02:43:14 GMT
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 260D 		49 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=IMPRESSION&attempt=04522f80b53c4122e897a1d60513b8e9&campaign=e2a82912438eaa7d2f234f778f82c274&beta=false
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
49
expires
0
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 260D 		49 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=INSERTION&attempt=04522f80b53c4122e897a1d60513b8e9&campaign=e2a82912438eaa7d2f234f778f82c274
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
ab
nym1-ib.adnxs.com/ Frame 4A2B 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QKVD_BMlQcAAAMA1gAFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjKjYJkx0bgXhdwz8RJgRpzhMyvD8ZAAAAoEfhGEAhJgRpzhMyvD8pkx0JJNAxAAAA4KNw5T8w_JHNDDjwO0CYOUgCUJTPjNwBWOPHWWAAaKawZHiRzQWAAQGKAQNVU0SSAQEG8EyYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoCaXVmKCdhJywgMzg3MTg3MywgMCk7dWYoJ2knLCA3NDU4MDU1LCAwKQUULGcnLCAyMjAxODc2ORUpAHMBFRw4NzcyMzg4NBUWMHInLCA0NjE1ODAxODAFFvQ-AZIC1QQhWm51SUJ3aVV3cHNiRUpUUGpOd0JHQUFnNDhkWk1BQTRBRUFBU0pnNVVQeVJ6UXhZQUdCTGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSGMzTk1KVjEzRFA4RUIzTnpUQ1ZkZHd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCaDVySEFfVUJtcG1aUHBnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWFJRERnal8yYjB0RUFFWUFpMmFtWmstb2dNT0NQX1p2UzBRQ3hnQ0xacVptVDY2QXdsT1dVMHlPalUxT1REZ0E3UkVnQVM4eS1jTGlBVHd6T2NMa0FRQm1BUUJ3UVFBQUEBwQGMAGsRwQHEFFlCQUR4QgELDQFcaUFYV0s1QUY0NDFYbUFYc29wbUpBYWtGDR8UQThELXhCMRBAQUFBd1FVQUFBQkFNelBUUDguKAAEX1IuKAAAMgUoAQHwQ0R3UC1BRm1YYndCZEgxdndyNEJZR3A3QUdDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCdHY1Zm1xOGRPOF9xQVlFc2dZa0NRAUgJAQBFHYwARx0MAEkdDKh1QVlLLUFmNTB3ajRCLUhYQ1BnSG50c0ktQWV5X1FnLpoCmQEhMnhVVFdROlkCqE9QSFdTQUFLQUF4Ml9sLWFyeDA3ejg2Q1U1WlRUSTZOVFU1TUVDMFJFa0EJjwxEd1AxPWAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERDwXkR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL_ICEQoGQURWX0lEEgczaa8c8gISCgZDUEcBFAAIcZsBFQgFQ1ABFAAJdZoQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzc0NTgwNTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwfYADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQONzMyMCNOWU0yOjU1OTDaBAIIAeAEAPAElKGGdPoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF_xEBoAGqBSBiMDRiYzM4NjU4ZjA0N2FjMDExNTQ2NTliYmFiZmJjZMAFAMkFAUIYAADwP9IFCQFXBQE02AUB4AUB8AWCkDL6BQQBpjSQBgCYBgCiBg43NjY0IwWbIDY0MTW4BgDBBgUzLADwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI441XEoABckJPMk9sb0Hq2ERBQWtDQlFFSS1hcndDUkNEX2JBQ0dLWGx0QUlnQnlnQVFOeVE4UVJJaTRuRENsQzBSRmlQTW5R-ARBQWEIBGdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB4QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5HNBdIHDS0GBDBAAbcI2gcGAf-sGADgBwDqBwIIAPAHg8mJBooIAhAAlQgAAIA_mAgBwAjK0wLSCAYIABAAGAA.&s=7d65d1d53cd2f58cf2d8b1f0515cdb449ac0c01b&pp=0.11
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9b58ca17f7efb9c045f556b1f7c44eaef6a87e5fcd7ca8fb018937f1d4534b5e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
x-creative-id
461580180
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
8721e33e-20b8-4551-94c4-994297144679
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
fo-ssp-usa02.omnitagjs.com/fo-ssp/ Frame 6A0D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-ssp-usa02.omnitagjs.com/fo-ssp/sync?attempt=b04bc38658f047ac01154659bbabfbcd
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
6ef62dcc869fc67218694d5b857c4b6c15e859c6739d6e4c00f75816c4e673b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
7
content-length
1005
expires
0
cookie_sync
prebid-server.rubiconproject.com/ Frame AF10 		3 KB
871 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/cookie_sync
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e8156439b05cd9313f291403e0384e563d56c4b4ac2a1c14e84cf08f89b24c9b

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
598
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame AF10 		216 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b26601e12aedd0c035104155a3377019fa5828d0dc3cca93297f28d718300642

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.127.0
Content-Type
application/json
access-control-allow-origin
https://www.shefinds.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
192
Expires
0
prebid
ib.adnxs.com/ut/v3/ Frame AF10 		19 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
an-x-request-uuid
6799a6ae-8a1d-4ff1-884a-282c5a759614
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
ap.lijit.com/rtb/ Frame AF10 		24 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.40.0
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
a0a91a7fd74df3eaad9dc98e269fc0f52c0fd6278a951c98809d7c523f8110bb

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 04 Sep 2023 02:30:28 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.shefinds.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame AF10 		671 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10278&site_id=84040&zone_id=587220&size_id=2&rp_schain=1.0,1!pmc.com,1179161,1,,,&tpid_tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&eid_adserver.org=3175ac58-0d9d-47aa-b429-d8f42e050f30&rf=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&kw=climatechange%2Ceco-friendly%2Cenvironment%2Cgrocerystorenews%2Cnews%2Creddit%2Cshoppingnews%2Cstorenews%2Cwalmart%2Cwalmartnews&tg_i.page=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&tg_i.domain=shefinds.com&tg_i.bidtype=post&tg_i.permutive=21967%2C81752%2C116913%2C116916%2C128800%2C128890%2C157392%2C21967%2C32745%2C43641%2C73308%2C81752%2C87946%2C95987%2C95993%2C96402%2C97250%2C101262%2C102567%2C105086%2C116913%2C116916%2C124918%2C128800%2C128890%2C146917%2C157392&tg_i.vertical=fashion&tg_i.vertical1=fashion&tg_i.pbadslot=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fbanner%2Fskm-boomerang-el-0-1&tk_flint=pbjs_lite_v7.40.0&x_source.tid=0ce4cbdf-7a1e-4e5c-af71-e6a0b481a388&l_pb_bid_id=8476b312b7347c&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.05&rp_maxbids=1&p_gpid=%2F8352%2C1017293%2Fa.shefinds%2Ffashion%2Fbanner%2Fskm-boomerang-el-0-1&slots=1&rand=0.9220794517871764
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
00ec700d0355e8a078e64839f7f818aa8a8a58968579bd29b2837f37e4739b93

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
671
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ Frame AF10 		36 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=473696
Requested by
Host: ads.blogherads.com
URL: https://ads.blogherads.com/static/postbid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426bab038b23ef01d7590704fd72732c2b20bcd77af33152b27fe5ac16924e9a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zilrehx0H9aBSeBWFV0UcWSE2H98Mj3zkGpMUHFf1e22FE9gepb54lXtMepeDEEQfaWfkRbdLG3s%2FETEw73HlRK5A5u9gD0nPd1eNHzjdtoW2GtkTe%2FHuAl%2FuchN1WzHPs7%2FtPUk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cf8bff95542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame DB8A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3E3F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8c28df36ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4B6D 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FB4A 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2C01 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3CE7 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8c998336ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
user-sync
sync.adkernel.com/ Frame 420E 		761 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
6381db42814c1a98bdff9a6fe5b82c003034bc2e8765c6fd645c1dd855054f08

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
761
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
Pragma
no-cache
Server
nginx
async_usersync.html
acdn.adnxs.com/dmp/ Frame C437 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 19ED 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame D59B 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8d2a3336ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D60F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5E14 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 2064 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8d8aa636ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 0317 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
an-x-request-uuid
cf565f18-d240-42f7-abd1-bf3b5ed11a35
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
country
api.btloader.com/ Frame 4798 		16 B
31 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ Frame 4798 		0
12 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=Qy0ZG0Q1&w=4661567486951424&o=5080945107927040&cv=2.1.17-2-g0b33bd3&r=false&vr=300x250&pageURL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&sid=VxO8w12BJJ&upapi=true
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
country
api.btloader.com/ Frame B3F9 		16 B
31 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: c.aaxads.com
URL: https://c.aaxads.com/aax.js?pub=AAX413QP4&hst=www.shefinds.com&ver=1.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
usersync
usersync.gumgum.com/ Frame ABDA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=e5cf3b29-2099-4e63-9375-b14659614e64&ssp=gumgum2&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame ABDA
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_conse...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-cache
X-TraceId
b6896bca5bfb7aef85bb006744827db3
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=cf3d1abc-8c5c-4479-a90c-615ee6ecc762&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:30 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame ABDA
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:28 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame ABDA
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:29 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame ABDA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Date
Mon, 04 Sep 2023 02:30:29 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame ABDA
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
date
Mon, 04 Sep 2023 02:30:28 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame ABDA
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame ABDA 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:27 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
339560
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame B3F9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFp...
  • https://mug.criteo.com/sid?cpp=s3BpJnwwWnR5Y3M1WC8xZlN2NkxVUkZmODZmRnMva2FWSXk4V3g3NVBmbXY3OVNMclJ1STFLcTFPNkFmQXg4VnNWdWRzMUNqdDNTU3k2SmhyWHRCSGc4N3E2cGV6dTdpRVA2QjRVNHF3T1ZpR3QrdkVUS2NwaFpTd0RRND...
420 B
689 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=s3BpJnwwWnR5Y3M1WC8xZlN2NkxVUkZmODZmRnMva2FWSXk4V3g3NVBmbXY3OVNMclJ1STFLcTFPNkFmQXg4VnNWdWRzMUNqdDNTU3k2SmhyWHRCSGc4N3E2cGV6dTdpRVA2QjRVNHF3T1ZpR3QrdkVUS2NwaFpTd0RRNDU5MWsrMm9idFVHREdVZkFNazN4dEh3RzZrNUlKUm92d3hTaVh5REcvRFkwaHRmaHZKRWM0Vi9Wc2pyRnZXMENXQzVxYUZtV1cvSlJkcnhxVzdrUGI1TjliZytpUEMyZWlUZzlsM0tpRWtsMHJYUVJTWE9CUGhjZnFrQy9YZ3k3VFZjODBhMnZTYmZ2VmNyNWRwYTdHUi93V1k2TzZDWnYrSXhYdGtPOFlXZUQ3N2hrUjZxUT18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
7120c41f08e796d34323ec58630362b95b99941a3bfb497b3b667cdf4a117deb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
804176
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
location
https://mug.criteo.com/sid?cpp=s3BpJnwwWnR5Y3M1WC8xZlN2NkxVUkZmODZmRnMva2FWSXk4V3g3NVBmbXY3OVNMclJ1STFLcTFPNkFmQXg4VnNWdWRzMUNqdDNTU3k2SmhyWHRCSGc4N3E2cGV6dTdpRVA2QjRVNHF3T1ZpR3QrdkVUS2NwaFpTd0RRNDU5MWsrMm9idFVHREdVZkFNazN4dEh3RzZrNUlKUm92d3hTaVh5REcvRFkwaHRmaHZKRWM0Vi9Wc2pyRnZXMENXQzVxYUZtV1cvSlJkcnhxVzdrUGI1TjliZytpUEMyZWlUZzlsM0tpRWtsMHJYUVJTWE9CUGhjZnFrQy9YZ3k3VFZjODBhMnZTYmZ2VmNyNWRwYTdHUi93V1k2TzZDWnYrSXhYdGtPOFlXZUQ3N2hrUjZxUT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
472703
content-length
0
expires
0
rid
match.adsrvr.org/track/ Frame B3F9 		108 B
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
264ddadc2de6c3803a3989b31228cf6a62287463552e10036dc0e2b40b8b48ea

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 04 Oct 2023 02:30:28 GMT
/
onetag-sys.com/usync/ Frame 9C37 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1693794624529&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
83762ae5792674c3d083cca14ce599de427a873b1541c4b3b2bfa31ae81288bb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
824
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
syncpixel.html
cdn.deepintent.com/ Frame 8FBC 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Mon, 04 Sep 2023 01:52:16 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ADPycdvmr68H6uuHn_J2x5009Ydjal_0U2re6ZjrUrzfukXGfnhk8RND40bk4T70HedxVKU6LyDDf0pbpH77bb68Uz8oRQ
csync
sync.spotim.market/ Frame 1C9F
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:28 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
1446c9c4-c542-4486-8191-eb9c09f8277b
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 78C4 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101339
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame A259 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
671
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cf8e6bb036ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Mon, 04 Sep 2023 06:30:28 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B544 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7328 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:28 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:30 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame 52FA 		184 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
30811f9af1c96e4bb1d57ba56bd1ce1554c36b4ffb0a6f87168bab6a76b10d3a

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:28 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
/
onetag-sys.com/usync/ Frame 3453 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
ff6e20c45a4ddce54d990b61e87110659dd2765e25fe83c25da4a4ab6a793b9d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
917
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BF14 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101339
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame C5A7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:28 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:28 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
X-Sovrn-Pod
ad_ap7ewr1
ibs:dpid=87880&dpuuid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
dpm.demdex.net/ Frame B3F9 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=87880&dpuuid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0fd58882a.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HHNc4JT6T4M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=07f064bb-75b8-42f3-a993-2e9dec53f3bc&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
49 B
819 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=y2aI2Ueo8q3c
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
49 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=BfCE3hDnG2SOJFTOP3fi&pi=sonobi
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT, Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
info
uipglob.semasio.net/sonobi/1/ Frame B3F9 		42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=07f064bb-75b8-42f3-a993-2e9dec53f3bc&sInitiator=external
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Frontend-ID
8
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Mon, 04 Sep 2023 02:30:28 GMT
server
Apache-Coyote/1.1
content-length
0
usersync
match.bnmla.com/ Frame B3F9 		0
0
379718.gif
idsync.rlcdn.com/ Frame B3F9
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc
  • https://usermatch.krxd.net/um/v2?partner=liveramp
  • https://idsync.rlcdn.com/379718.gif?partner_uid=PxmqKPZY
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/379718.gif?partner_uid=PxmqKPZY
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/379718.gif?partner_uid=PxmqKPZY
date
Mon, 04 Sep 2023 02:30:29 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a019-ash-prod.krxd.net
30907
tags.bluekai.com/site/ Frame B3F9 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/30907?id=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:28 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=1c36f547-eb8a-4237-b78b-3fac037da6c2
date
Mon, 04 Sep 2023 02:30:28 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
user-sync
sync.adkernel.com/ Frame B3F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_610.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
49 B
776 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=0&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dsono...
  • https://x.bidswitch.net/sync?dsp_id=354&user_id=1882bd9c06394597afd765bbe1527374&ssp=sonobi&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&consent=&gdpr_pd=&expires=7
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
49 B
764 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:28 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.shefinds.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=2df8bf4b97fb4e89b8bf4b97fb8e8987
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
usg.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MDdmMDY0YmItNzViOC00MmYzLWE5OTMtMmU5ZGVjNTNmM2Jj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
49 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEGYPohBaFxINW1b1RcxivxM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=2d28fe46-7bb9-022a-2363-6be882013cae
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
49 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=ad3c3e1d-5562-463a-9909-5fe7873052b0
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
all
ssl-market-east.smrtb.com/sync/ Frame B3F9 		0
0
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=1813050723370043128
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=3356acbef0&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
49 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=3175ac58-0d9d-47aa-b429-d8f42e050f30&pubid=3356acbef0
date
Mon, 04 Sep 2023 02:30:28 GMT
server
Kestrel
content-length
227
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
49 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
us.gif
sync.go.sonobi.com/ Frame B3F9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
49 B
750 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
an-x-request-uuid
2552fdf8-7e7b-43c7-af38-9f7e219ad260
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4C88 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57912
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
pixels
pix.spot.im/api/v1/ 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
kyJM_9lTGr41dxuFsf2xI-sV_L8JBk3oPqDyyq1sRHi4exUlJptrBg==
csync
sync.spotim.market/ Frame 2546 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&us_privacy=1---&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:28 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 2546 		32 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 2c00b6f1d42245c6c3867cc4dfa7f32e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
BOS50-C3
age
427
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
8012cf8eb8b84bcf-BUF
x-amz-cf-id
UzbCBp9a0d8T4M4WiOFJifbWtLbs0bh-eLIhcPOkwtzMWDa_bBa6_w==
expires
Mon, 04 Sep 2023 03:30:28 GMT
/
csync.loopme.me/ Frame EAE3 		0
0
RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.targeting.unrulymedia.com/csync/ Frame EAE3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&redir=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D162%26type%3Diframe%26id%3D%5BRX_UUID%5D%26auxuid%3D
  • https://match.prod.bidr.io/cookie-sync/ro?rndcb=5968313896
  • https://sync.1rx.io/usersync/beeswax/AACX7E7J6oIAACoiJc0fIg
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Server
199.127.204.147 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
setuid
prebid-server.rubiconproject.com/ Frame EAE3 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=tappx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=c2daf9e7-47e6-49b9-b795-e5324b079ad1f1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
mut
ghb.adtelligent.com/adunit/ Frame 7923 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19604/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.nodserving.com
Date
Mon, 04 Sep 2023 02:30:28 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 796C 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
172128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 02:41:40 GMT
usync.js
eus.rubiconproject.com/ Frame B90F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:28 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57912
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cl8IU3xtaGxpVnBERlp5MXppNjFVbXNtRjBkbmhYeVhSQldvQ1NxN3UvREVVc29lazFjbFVQcG9lQnJmbm1oa1BmdlVVeEV5bEZpVEpWTVRnd2FTRlZYanVxZ3ZyNzkyYWFBK1E0T3czU0wzQVp2eUVURG1MUzR5Tmd6aVMwVUxySXFnaU55emlOaDFmeVhqMEJRaDVwVk9sSVJqaDFJeXYyVWFBL2t1K3VNYnRpVGM2cG9IQXc0RG4rckc2QVptR2NYVVRWTDltOTBaaG5ZZlJveHh1Q096M3B3YmFRU0FNY3lFVnl2eVJ5dVlDMDhINVpPaUUwLyt0cjd1MGFCQWRhbkxna0JWam9PcVlMMDZ2MXBleU5haGZ1VENIdS9ISWFTYkE5YmtKOG1jem0xTT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:28 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
356351
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ab
nym1-ib.adnxs.com/ Frame DA36 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QKVD_BMlQcAAAMA1gAFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjKjYJkx0bgXhdwz8RJgRpzhMyvD8ZAAAAoEfhGEAhJgRpzhMyvD8pkx0JJNAxAAAA4KNw5T8w_JHNDDjwO0CYOUgCUJTPjNwBWOPHWWAAaKawZHiV5gKAAQGKAQNVU0SSAQEG8EyYAawCoAH6AagBAbABALgBAsABBcgBAtABCdgBAOABAPABAIoCaXVmKCdhJywgMzg3MTg3MywgMCk7dWYoJ2knLCA3NDU4MDU1LCAwKQUULGcnLCAyMjAxODc2ORUpAHMBFRw4NzcyMzg4NBUWMHInLCA0NjE1ODAxODAFFvQ-AZIC1QQhRjN2QXpnaVV3cHNiRUpUUGpOd0JHQUFnNDhkWk1BQTRBRUFBU0pnNVVQeVJ6UXhZQUdCTGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUJxQUVCc0FFQXVRSGMzTk1KVjEzRFA4RUIzTnpUQ1ZkZHd6X0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCaDVySEFfVUJtcG1aUHBnQ0FLQUNBYlVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWFJRERnal8yYjB0RUFFWUFpMmFtWmstb2dNT0NQX1p2UzBRQ3hnQ0xacVptVDY2QXdsT1dVMHlPalV4TXpYZ0E3UkVnQVM4eS1jTGlBVHd6T2NMa0FRQm1BUUJ3UVFBQUEBwQGMAGsRwQHEFFlCQUR4QgELDQFcaUFXUEtKQUY0NDFYbUFYc29wbUpBYWtGDR8UQThELXhCMRBAQUFBd1FVQUFBQkFNelBUUDguKAAEX1IuKAAAMgUoAQHwQ0R3UC1BRm1YYndCZEgxdndyNEJZR3A3QUdDQmdOVlUwU0lCZ1NRQmdHWUJnQ2hCdHY1Zm1xOGRPOF9xQVlFc2dZa0NRAUgJAQBFHYwARx0MAEkdDKh1QVlLLUFmNTB3ajRCLUhYQ1BnSG50c0ktQWV5X1FnLpoCmQEhMWhXblZ3OlkCqE9QSFdTQUFLQUF4Ml9sLWFyeDA3ejg2Q1U1WlRUSTZOVEV6TlVDMFJFa0EJjwxEd1AxPWAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRERDwXkR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL_ICEQoGQURWX0lEEgczaa8c8gISCgZDUEcBFAAIcZsBFQgFQ1ABFAAJdZoQ8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEgBzc0NTgwNTXyASEESU8VITgTCg9DVVNUT01fTU9ERUwBKxQA8gIaChYyFgAcTEVBRl9OQU0FcQgeCho2HQAIQVNUAT4QSUZJRUQBPhwVCghTUExJVAFNGdnwfYADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUxMzXaBAIIAeAEAPAElKGGdPoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF_xEBoAGqBSAwNDUyMmY4MGI1M2M0MTIyZTg5N2ExZDYwNTEzYjhlOcAFAMkFAUIYAADwP9IFCQFXBQE02AUB4AUB8AWCkDL6BQQBpjSQBgCYBgCiBg43NjY0IwmbHDAxM7gGAMEGBTMsAPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjjjVcSgAFweFBXT1ZvQerYREFBa0NCUUVJLWFyd0NSQ0RfYkFDR0tYbHRBSWdCeWdBUU55UThRUklpNG5EQ2xDMFJGaVZKM1H4BEFBYQgEZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gAHhBLi6ABwGIBwCgBwG6BwgqBDEtLS1AAcgHleYC0gcNLQYEMEABtwjaBwYB_6wYAOAHAOoHAggA8AeDyYkGiggCEACVCAAAgD-YCAHACMrTAtIIBggAEAAYAA..&s=76a50e03ed08ef7c3f3d1d019caf7b827b9a2789&pp=0.11
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ead142273ba55269ff400fda93a25f90583f483cd576f98ee720c05569e7a2f1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:28 GMT
content-encoding
gzip
x-creative-id
461580180
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
903fc7b0-ee83-4252-9f28-49c633a5b8ae
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
fo-ssp-usa02.omnitagjs.com/fo-ssp/ Frame 260D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-ssp-usa02.omnitagjs.com/fo-ssp/sync?attempt=04522f80b53c4122e897a1d60513b8e9
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
421207145eafb5ddfa1dbc505dcbe944031033aee9695b456c69a09fa0406f62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
5
content-length
1005
expires
0
setuid
prebid-server.rubiconproject.com/ Frame A5BD
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
an-x-request-uuid
6afb14b8-6393-4cb0-8a36-9139c2cc4544
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame AF10
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26g...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4B6D 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57911
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync.js
eus.rubiconproject.com/ Frame FB4A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57911
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
user-sync
sync.adkernel.com/ Frame 420E
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
5f81052e-5083-44d7-9e41-512781348475
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 19ED 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57911
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync.js
eus.rubiconproject.com/ Frame 5E14 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57911
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usersync
usersync.gumgum.com/ Frame 1BA3
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:29 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame ACC7
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:29 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:29 GMT Mon, 04 Sep 2023 02:30:29 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame C8B8
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:29 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame E255 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:29 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0D59 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101338
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:29 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
events
api.permutive.com/v2.0/batch/ 		101 B
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=2aed5ae2-5875-450b-9e5e-34ac932123da
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
252.254.107.34.bc.googleusercontent.com
Software
Permutive /
Resource Hash
9c41ce61bfa0285a4cae1261b2800da44f21b1654c6f388955e53e357f0cfc33

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
content-type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
gzip
via
1.1 google
server
Permutive
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
tap.php
pixel.rubiconproject.com/ Frame ED05 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=U-hWXwo9-mHVSF_TEdJwski3xMY1XXbI-XJHRPeVl9w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693794624347&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 828B 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=U-hWXwo9-mHVSF_TEdJwski3xMY1XXbI-XJHRPeVl9w
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 828B 		0
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=U-hWXwo9-mHVSF_TEdJwski3xMY1XXbI-XJHRPeVl9w&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-length
0
merge
ce.lijit.com/
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=5436/tp=SVRN/tpid=HQzWZQZHTprevADoQOeL11M1/pv=y?https://ce.lijit.com/merge?pid=5001&3pid=${profile_id}
  • https://ce.lijit.com/merge?pid=5001&3pid=bb2ddcc4c0609da514c394ec081f81fd
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=5001&3pid=bb2ddcc4c0609da514c394ec081f81fd
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ce.lijit.com/merge?pid=5001&3pid=bb2ddcc4c0609da514c394ec081f81fd
cache-control
no-cache
x-server
10.40.13.170
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 269D 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
6a03330b-8336-40b9-b69f-d3d8100a77d0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
go1.aniview.com/api/adserver/tag/ 		71 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=conversation&AV_CDIM4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&AV_CDIM5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.4.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=60acbabfd11d982b09533bb5&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/60acbabfd11d982b09533bb5/www.shefinds.com&d36=6.2.123&responsive=1&sver=4&avtoken=629316&omv=1.0.1&clsid=a9ab569f-6750-4cab-b181-c0a028a1af60&rando=42&AV_WIDTH=948&AV_HEIGHT=533&AV_CCPA=1---&AV_DNT=0&cb=1693794629317&AV_C_USER_ID=1693794619884-964393778739-001213-003-001685&wfc=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.21.152.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-21-152-207.compute-1.amazonaws.com
Software
/
Resource Hash
9294660dfa6ac7bef0315e0dde4d9e7e44b50f0b9de25bfbb721c092b9cf5afe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 23 Aug 2023 12:43:49 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=conversation&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=948&he=533&test=&d36=6.2.123&apppkg=&fv=1&proto=https&clsid=a9ab569f-6750-4cab-b181-c0a028a1af60&rando=42&pid=5e0e296628a061270b21ccab&cid=60acbabfd11d982b09533bb5&stagid=&stplid=&e=inventory&vi=0&cb=1693794629317
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
user-sync
sync.adkernel.com/ Frame F65B 		764 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
faf1acb4cb71c122bff2bc0bc2a088b3f27b54f57d951e79f67e72dadb97da50

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
764
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Sep 2023 02:30:29 GMT
Pragma
no-cache
Server
nginx
sd
us-u.openx.net/w/1.0/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/108
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:28 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
store
match.deepintent.com/usersync/112/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/112
  • https://id.rlcdn.com/467756.gif
  • https://match.deepintent.com/usersync/112/store?id=Xc1364Isgzn9ilbBbCWrvu1W6rszOnFm7GP4E8CCUK__GyDMA
0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/112/store?id=Xc1364Isgzn9ilbBbCWrvu1W6rszOnFm7GP4E8CCUK__GyDMA
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:30 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

date
Mon, 04 Sep 2023 02:30:29 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://match.deepintent.com/usersync/112/store?id=Xc1364Isgzn9ilbBbCWrvu1W6rszOnFm7GP4E8CCUK__GyDMA
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/150
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:29 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
store
match.deepintent.com/usersync/121/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/121
  • https://thrtle.com/insync?vxii_pid=10036&vxii_pdid=di_a1f61cad865644a2aaed7&vxii_r=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F121%2Fstore%3Fid%3D%24%7Btid%7D
  • https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:29 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

location
https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
date
Mon, 04 Sep 2023 02:30:29 GMT
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="NOI OUR BUS UNI COM NAV"
setuid
ib.adnxs.com/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/126
  • https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
43 B
936 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
212f3a1d-d454-4685-abda-cae17036d64a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:28 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
um
sync.teads.tv/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/129
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_a1f61cad865644a2aaed7
  • https://sync.teads.tv/um?eid=20&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
23 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=20&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
23.205.56.163 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-56-163.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Mon, 04 Sep 2023 02:30:30 GMT
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif

Redirect headers

Location
//sync.teads.tv/um?eid=20&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
6.gif
id5-sync.com/c/987/1228/0/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/147
  • https://id5-sync.com/s/987/5.gif?puid=di_a1f61cad865644a2aaed7&callback=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1241%2F4%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/987/1241/4/2.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F104%2F3%2F3.gif%3Fpuid%3D%24%7BBSW_UUID%7D%26gdpr%3D0%26gdpr_consent%3D?gdpr=0&gdpr_consent=
  • https://id5-sync.com/c/987/104/3/3.gif?puid=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=26&3pid=54d10197-cb46-413a-91f9-8e6ea8d9de90&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1227%2F2%2F4.gif%3Fpuid%3D%5BSOVRNID%5D%...
  • https://id5-sync.com/c/987/1227/2/4.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=108&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F826%2F1%2F5.gif%3Fpuid%3D%7BuserId%7D%26gdpr%3D0%26gdpr_consent%3D
  • https://id5-sync.com/c/987/826/1/5.gif?puid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1228%2F0%2F6.gif%3Fpuid%3D...
  • https://id5-sync.com/c/987/1228/0/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/987/1228/0/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
HTTP/1.1
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://id5-sync.com/c/987/1228/0/6.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
store
match.deepintent.com/usersync/106/ Frame 65E6
Redirect Chain
  • https://match.deepintent.com/usersync/106
  • https://cm.g.doubleclick.net/pixel?google_nid=deepintent&google_hm=ZGlfYTFmNjFjYWQ4NjU2NDRhMmFhZWQ3&google_cm
  • https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:29 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.spotim.market/ Frame 52FA 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&us_privacy=1---&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame 52FA 		32 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
via
1.1 2c00b6f1d42245c6c3867cc4dfa7f32e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
BOS50-C3
age
428
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
8012cf91c8db4bcf-BUF
x-amz-cf-id
UzbCBp9a0d8T4M4WiOFJifbWtLbs0bh-eLIhcPOkwtzMWDa_bBa6_w==
expires
Mon, 04 Sep 2023 03:30:29 GMT
usync.js
eus.rubiconproject.com/ Frame B544 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57911
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F108 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=1264610274171070&rc=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 6C1E 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
d573f888-0887-4b47-9030-497af32432ad
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prbds2s
rtb.gumgum.com/usync/ Frame 781D 		2 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.116.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-116-249.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c1386718a8ec989b9968427a08fa8e0de0a6d61da8ade2ea506d49a3b370fe0e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:29 GMT
etag
W/"0d62d8d7073f37b82697de1648c07a65e"
server
nginx
timing-allow-origin
*
usermatch
ssum-sec.casalemedia.com/ Frame 3169 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6e336d445a11b4020ac2229623b3d0e24626acd327c799e63f51bdceae2fcfdd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:29 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
client
ssl.connextra.com/MGM_Sportsbook_Casino/selector/ Frame 7665 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=1055072647&apnauc=1394488214963540437&bidid=1394488214963540437&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=62b70b462f96402e750fa289100f32ab25ef6422/bcr=AAAAAAAA8D8=/cnd=%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjU1OTA=/bn=91793/clickenc=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.111.199 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-111-199.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
ac1eb9e71e8e1553c1fdb7178679e4b7cb9baa8c23feeab2895ce10f0c5d0f18

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
759
content-type
text/html;charset=utf-8
date
Mon, 04 Sep 2023 02:30:29 GMT
expires
Mon, 04 Sep 2023 02:30:29 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma
no-cache
server
istio-envoy
vary
* Accept-Encoding
x-envoy-upstream-service-time
3
x-served-by
adserver-blue-10
async_usersync.html
acdn.adnxs.com/dmp/ Frame DC0B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:29 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame 4A2B 		0
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QKSD_SXApIHAAADANYABQEIvoLVpwYQ1aP7wsr0ja0TGPuj6YzKkueYIyo2CXM1V3M1V8M_ESlcj8L1KLw_GQAAAKBH4RhAISYEac4TMrw_KZMdG4F4XcM_MQAAAOCjcOU_MPyRzQw48DtAmDlIAlCUz4zcAVjjx1lgAGimsGR4kc0FgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDM4NzE4NzMsIDApO3VmKCdpJywgNzQ1ODA1NSwgMCk7dWYoJ2cnLCAyMjAxODc2OSwgMCk7dWYoJ3MnLCAyODc3MjM4ODQsIDApO3VmKCdyJywgNDYxNTgwMTgwLCAwKTuSAtUEIVpudUlCd2lVd3BzYkVKVFBqTndCR0FBZzQ4ZFpNQUE0QUVBQVNKZzVVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhjM05NSlYxM0RQOEVCM056VENWZGR3el9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmg1ckhBX1VCbXBtWlBwZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2pfMmIwdEVBRVlBaTJhbVprLW9nTU9DUF9adlMwUUN4Z0NMWnFabVQ2NkF3bE9XVTB5T2pVMU9URGdBN1JFZ0FTOHktY0xpQVR3ek9jTGtBUUJtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVhXSzVBRjQ0MVhtQVhzb3BtSkFha0YFPCBBQUE4RC14QlEBCgkBPHdRVUFBQUJBTXpQVFA4a0YJFgEoBF9SLigAADIFKAEB8ENEd1AtQUZtWGJ3QmRIMXZ3cjRCWUdwN0FHQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFICQEARR2MAEcdDABJHQzwZXVBWUstQWY1MHdqNEItSFhDUGdIbnRzSS1BZXlfUWcumgKZASEyeFVUV1FpVXdwc2JFSlRQak53QkdPUEhXU0FBS0FBeDJfbC1hcngwN3o4NkNVNVpUVEk2TlRVNU1FQzBSRWtBQQWQEER3UDFFBQoFAQRGawUHBQEARx0YAEcdGABIHRgQSGdBaVEREPB1RHdQdy4u2ALK0wLgAoutPOoCPmh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2Uv8gIRCgZBRFZfSUQSBzM4NzE4NzPyAhIKBkNQR19JRBIIMjIwMWGbGPICEgoFQ1ABKDgJMjg3NzIzODg08gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEMBzc0NYEkAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fDegAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDj_Qj4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQLOTYuOS4yNDkuNDWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA43MzIwI05ZTTI6NTU5MNoEAggB4AQA8ASUz4zcAfoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF____________AaoFIGIwNGJjMzg2NThmMDQ3YWMwMTE1NDY1OWJiYWJmYmNkwAUAyQUAAAAAAADwP9IFCQkAAAkONNgFAeAFAfAFgpAy-gUEAaY0kAYAmAYAogYONzY2NCMFmyA2NDE1uAYAwQYJNCjwP9AGqSXaBhYKEAkRGQFgEAAYAOAGAfIGhwEI441XEoABckJPMk9sb0Hr2ERBQWtDQlFFSS1hcndDUkNEX2JBQ0dLWGx0QUlnQnlnQVFOeVE4UVJJaTRuRENsQzBSRmlQTW5R-ARBQWEIBGdRHRBMSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB8QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5HNBdIHDQkJuQQwQAG3CNoHBgH_oBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAcAIytMC0ggGCAAQABgA&s=10085fd35f5b3a5597106e8df74a35835c622e6f&bdref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,about%3Asrcdoc&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
3a7ccea7-ad41-4b42-a50e-174bd7324c98
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame 4A2B 		0
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QL7DPSXAnsGAAADANYABQEIvoLVpwYQ1aP7wsr0ja0TGPuj6YzKkueYIyo2CXM1V3M1V8M_ESlcj8L1KLw_GQAAAKBH4RhAISYEac4TMrw_KZMdG4F4XcM_MQAAAOCjcOU_MPyRzQw48DtAmDlIAlCUz4zcAVjjx1lgAGimsGR4kc0FgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDM4NzE4NzMsIDApO3VmKCdpJywgNzQ1ODA1NSwgMCk7dWYoJ2cnLCAyMjAxODc2OSwgMCk7dWYoJ3MnLCAyODc3MjM4ODQsIDApO3VmKCdyJywgNDYxNTgwMTgwLCAwKTuSAtUEIVpudUlCd2lVd3BzYkVKVFBqTndCR0FBZzQ4ZFpNQUE0QUVBQVNKZzVVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhjM05NSlYxM0RQOEVCM056VENWZGR3el9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmg1ckhBX1VCbXBtWlBwZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2pfMmIwdEVBRVlBaTJhbVprLW9nTU9DUF9adlMwUUN4Z0NMWnFabVQ2NkF3bE9XVTB5T2pVMU9URGdBN1JFZ0FTOHktY0xpQVR3ek9jTGtBUUJtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVhXSzVBRjQ0MVhtQVhzb3BtSkFha0YFPCBBQUE4RC14QlEBCgkBPHdRVUFBQUJBTXpQVFA4a0YJFgEoBF9SLigAADIFKAEB8ENEd1AtQUZtWGJ3QmRIMXZ3cjRCWUdwN0FHQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFICQEARR2MAEcdDABJHQzwZXVBWUstQWY1MHdqNEItSFhDUGdIbnRzSS1BZXlfUWcumgKZASEyeFVUV1FpVXdwc2JFSlRQak53QkdPUEhXU0FBS0FBeDJfbC1hcngwN3o4NkNVNVpUVEk2TlRVNU1FQzBSRWtBQQWQEER3UDFFBQoFAQRGawUHBQEARx0YAEcdGABIHRgQSGdBaVEREPTiAUR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjU1OTDaBAIIAeAEAPAElM-M3AH6BBIJAAAAYH9xRUARAAAAACK5U8CIBQGYBQCgBf___________wGqBSBiMDRiYzM4NjU4ZjA0N2FjMDExNTQ2NTliYmFiZmJjZMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYKQMvoFBAgAEACQBgCYBgCiBg43NjY0I05ZTTI6NjQxNbgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI441XEoABckJPMk9sb0FBQUFEQUFrQ0JRRUktYXJ3Q1JDRF9iQUNHS1hsdEFJZ0J5Z0FRTnlROFFSSWk0bkRDbEMwUkZpUE1uRUFBQUFBQUFBQSHxBGdRMfFYQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB8QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5HNBdIHDQkJvgQwQCGcENoHBggAAQmY4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAcAIytMC0ggGCAAQABgA&s=402b652ee57121c6a36dd06de301d43e83493d23
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
3bac148a-fcb7-46c8-b439-ce21ce09f60d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/239/ Frame 4A2B 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Tue, 03 Sep 2024 02:30:29 GMT
async_usersync
ib.adnxs.com/ Frame DB8A 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
2d70bfff-5700-4c4e-a635-126a6a08e6be
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 379D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
an-x-request-uuid
1a582646-bcb3-4e85-a3ae-a01123f141ab
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://prebid-server.rubiconproject.com/setuid?bidder=adnxs&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 2C01 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
530e1a95-4300-4fca-807e-60ad34fa39e1
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
multitracking
ghb.spotim.market/adunit/ Frame EF3F 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Mon, 04 Sep 2023 02:30:29 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
async_usersync
ib.adnxs.com/ Frame C437 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
161a45ba-922f-4988-8d74-cfecca3b8a3d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame CDD3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
bc963209fab0fc1c013cb4b1759eaa2b270d4287a3db2586d997bcde16f45e72
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
863
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
152media
sync.quantumdex.io/usersync/ Frame E83B 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/152media
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e862a40091ac327f1b947416b1eb7731cb0d98e23ca46371f799ff061e46546c

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf9299d74bc1-BUF
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:29 GMT
server
cloudflare
async_usersync
ib.adnxs.com/ Frame D60F 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
c88e8017-15b5-4c07-bb5d-2883d5265cd4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/usync/ Frame 674F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
197c9a0e9a0776081b41c94b3124344e0cd5d6f899fcd85d502f95fa398d5aaa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
918
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame EF3F
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
43 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Adtelligent
Etag
8c142d02c463c298
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
0
Expires
0
usermatchredir
ssum-sec.casalemedia.com/ Frame EF3F 		43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=190532&cb=%3CURL_ENCODED_PARTNER_SECURE_CALLBACK%3E
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=490
Content-Length
43
Expires
0
events
bidder.criteo.com/csm/ Frame EF3F 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:28 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ Frame EF3F 		13 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
events
bidder.criteo.com/csm/ Frame EF3F 		0
194 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.shefinds.com
date
Mon, 04 Sep 2023 02:30:29 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixels
ssp-sync.criteo.com/user-sync/ Frame EF3F 		13 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp-sync.criteo.com/user-sync/pixels?ccpa=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::1d , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store,max-age=0
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 7923 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:29 GMT
setuid
prebid-server.rubiconproject.com/ Frame 6B4A
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26g...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 9C37 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KejLFJef7pK3N6nS1eEaek9R76CUJGhg05_ttoSsGaQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1693794624529&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/108
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:28 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/112
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:28 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
rum
dsum-sec.casalemedia.com/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/150
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:29 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
store
match.deepintent.com/usersync/121/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/121
  • https://thrtle.com/insync?vxii_pid=10036&vxii_pdid=di_a1f61cad865644a2aaed7&vxii_r=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F121%2Fstore%3Fid%3D%24%7Btid%7D
  • https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:30 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

location
https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
date
Mon, 04 Sep 2023 02:30:30 GMT
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="NOI OUR BUS UNI COM NAV"
setuid
ib.adnxs.com/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/126
  • https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
43 B
939 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
a1d0bfbb-561b-46ff-9f5a-b919c8744935
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/setuid?entity=463&code=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:28 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sync
sync.bfmio.com/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/129
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_a1f61cad865644a2aaed7
  • https://sync.bfmio.com/sync?pid=103&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=
0
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=103&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
HTTP/1.1
Server
44.215.82.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-215-82-85.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:30 GMT

Redirect headers

Location
//sync.bfmio.com/sync?pid=103&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90&dsp_id=&dsp_uuid=&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
csync.loopme.me/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/147
  • https://id5-sync.com/s/987/5.gif?puid=di_a1f61cad865644a2aaed7&callback=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D
  • https://ce.lijit.com/merge?pid=85&3pid=AACX7E7J6oIAACoiJc0fIg&us_privacy=&gdpr=0&gdpr_consent=&location=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F1241%2F4%2F2.gif%3Fpuid%3D%5BSOVRNID%5D%26gdpr%3D0%26g...
  • https://id5-sync.com/c/987/1241/4/2.gif?puid=HQzWZQZHTprevADoQOeL11M1&gdpr=0&gdpr_consent=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=198601&cb=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F165%2F3%2F3.gif%3Fpuid%3D__UID__%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
  • https://id5-sync.com/c/987/165/3/3.gif?puid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr=0&gdpr_consent=
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F2%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
0
0
store
match.deepintent.com/usersync/106/ Frame 8FBC
Redirect Chain
  • https://match.deepintent.com/usersync/106
  • https://cm.g.doubleclick.net/pixel?google_nid=deepintent&google_hm=ZGlfYTFmNjFjYWQ4NjU2NDRhMmFhZWQ3&google_cm
  • https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:30 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C8B8 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57911
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
hbw_master_307825_11598.js
p.safeservingcdn.com/prebidlink/y19604/ Frame 63B3 		116 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.safeservingcdn.com/prebidlink/y19604/hbw_master_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/19604/j.html?i=11598
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e2a67499043b423a3f3238a862d287342cdfeb615b53c112a592dd7fe8c04709

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/prebidlink/19604/j.html?i=11598
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 10:58:33 GMT
server
nginx
etag
W/"64f1c3d9-1d1bf"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 06 Sep 2023 02:30:29 GMT
csync
sync.adtelligent.com/ Frame 963F 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:29 GMT
Etag
8c142d02c463c298
Server
Adtelligent
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 8419 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:29 GMT
async_usersync
ib.adnxs.com/ Frame 7328 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
2df290d0-37fc-450d-bcfa-84774f637765
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 3453 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KejLFJef7pK3N6nS1eEaek9R76CUJGhg05_ttoSsGaQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e71ccbe96f42d70fa40603ada4c96b28
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 3453 		0
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=KejLFJef7pK3N6nS1eEaek9R76CUJGhg05_ttoSsGaQ&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:29 GMT
content-length
0
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame 4AF2 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
542907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 19:42:02 GMT
expires
Tue, 27 Aug 2024 19:42:02 GMT
last-modified
Mon, 28 Aug 2023 19:39:24 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 8922 		0
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A1D2 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:32:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3487
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:32:22 GMT
user-sync
sync.adkernel.com/ Frame F65B
Redirect Chain
  • https://ib.adnxs.com/getuid?%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D200784%26dsp%3D631495%26t%3Dimage%26uid%3D%24UID
  • https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.adkernel.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
003de35e-6b22-428a-badb-f4c846372eb0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
//sync.adkernel.com/user-sync?zone=200784&dsp=631495&t=image&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 781D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=zyBPIM0lGiXUcBx0wXYEIMtwHSzUIBF0zyaIV7q5
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=0&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 781D
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=$D&initiator=platform
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ad3c3e1d-5562-463a-9909-5fe7873052b0&gdpr=&gdpr_consent=&us_privacy=
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=ad3c3e1d-5562-463a-9909-5fe7873052b0&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:31 GMT
Cache-Control
no-cache
X-TraceId
1a3f093838d3a6a4f8ed160d2e58bc7c
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=ad3c3e1d-5562-463a-9909-5fe7873052b0&gdpr=&gdpr_consent=&us_privacy=
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 781D
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:29 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 781D
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:30 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 781D
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Date
Mon, 04 Sep 2023 02:30:30 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 781D
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
date
Mon, 04 Sep 2023 02:30:29 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame 781D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame 781D 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
dcm
s.amazon-adsystem.com/ Frame 3169 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:29 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8R7DS20ZEXENFJ0QZXGF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3169
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:29 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatchredir
ssum-sec.casalemedia.com/ Frame 3169
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 3169 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
/
csync.loopme.me/ Frame 3169 		0
0
CookieIndex
rtb.adentifi.com/ Frame 3169 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 3169 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 3169 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0cf154a10.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vsjmlmCvQaA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
setuid
prebid-server.rubiconproject.com/ Frame 3169 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?gpp=&gpp_sid=&bidder=ix&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
client
ssl.connextra.com/MGM_Sportsbook_Casino/selector/ Frame 708D 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=818364304&apnauc=6702190739669195407&bidid=6702190739669195407&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=9a6224c8146022cc29362a1f7d0f14dcc191a041/bcr=AAAAAAAA8D8=/cnd=%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjUxMzU=/bn=45845/clickenc=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.111.199 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-111-199.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
1950ff45707e284807d891b6f8fcfd051a528c351a55ae95e95964f11bf7101f

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
760
content-type
text/html;charset=utf-8
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Mon, 04 Sep 2023 02:30:30 GMT
p3p
CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
pragma
no-cache
server
istio-envoy
vary
* Accept-Encoding
x-envoy-upstream-service-time
3
x-served-by
adserver-blue-0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 124D 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:29 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:31 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame DA36 		0
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QKSD_SXApIHAAADANYABQEIv4LVpwYQj7WU9_zevYFdGPuj6YzKkueYIyo2CXM1V3M1V8M_ESlcj8L1KLw_GQAAAKBH4RhAISYEac4TMrw_KZMdG4F4XcM_MQAAAOCjcOU_MPyRzQw48DtAmDlIAlCUz4zcAVjjx1lgAGimsGR4leYCgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDM4NzE4NzMsIDApO3VmKCdpJywgNzQ1ODA1NSwgMCk7dWYoJ2cnLCAyMjAxODc2OSwgMCk7dWYoJ3MnLCAyODc3MjM4ODQsIDApO3VmKCdyJywgNDYxNTgwMTgwLCAwKTuSAtUEIUYzdkF6Z2lVd3BzYkVKVFBqTndCR0FBZzQ4ZFpNQUE0QUVBQVNKZzVVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhjM05NSlYxM0RQOEVCM056VENWZGR3el9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmg1ckhBX1VCbXBtWlBwZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2pfMmIwdEVBRVlBaTJhbVprLW9nTU9DUF9adlMwUUN4Z0NMWnFabVQ2NkF3bE9XVTB5T2pVeE16WGdBN1JFZ0FTOHktY0xpQVR3ek9jTGtBUUJtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVdQS0pBRjQ0MVhtQVhzb3BtSkFha0YFPCBBQUE4RC14QlEBCgkBPHdRVUFBQUJBTXpQVFA4a0YJFgEoBF9SLigAADIFKAEB8ENEd1AtQUZtWGJ3QmRIMXZ3cjRCWUdwN0FHQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFICQEARR2MAEcdDABJHQzwZXVBWUstQWY1MHdqNEItSFhDUGdIbnRzSS1BZXlfUWcumgKZASExaFduVndpVXdwc2JFSlRQak53QkdPUEhXU0FBS0FBeDJfbC1hcngwN3o4NkNVNVpUVEk2TlRFek5VQzBSRWtBQQWQEER3UDFFBQoFAQRGawUHBQEARx0YAEcdGABIHRgQSGdBaVEREPB1RHdQdy4u2ALK0wLgAoutPOoCPmh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2Uv8gIRCgZBRFZfSUQSBzM4NzE4NzPyAhIKBkNQR19JRBIIMjIwMWGbGPICEgoFQ1ABKDgJMjg3NzIzODg08gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPAVkRDxALCgdDUBUOEBAKBUlPAWEMBzc0NYEkAPIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fDegAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDj_Qj4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQLOTYuOS4yNDkuNDWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA43MzIwI05ZTTI6NTEzNdoEAggB4AQA8ASUz4zcAfoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF____________AaoFIDA0NTIyZjgwYjUzYzQxMjJlODk3YTFkNjA1MTNiOGU5wAUAyQUAAAAAAADwP9IFCQkAAAkONNgFAeAFAfAFgpAy-gUEAaY0kAYAmAYAogYONzY2NCMJmxwwMTO4BgDBBgk0KPA_0AapJdoGFgoQCREZAWAQABgA4AYB8gaHAQjjjVcSgAFweFBXT1ZvQevYREFBa0NCUUVJLWFyd0NSQ0RfYkFDR0tYbHRBSWdCeWdBUU55UThRUklpNG5EQ2xDMFJGaVZKM1H4BEFBYQgEZ1EdEExJZ0JBSkFCQUpvQkFnZ0FxQUVBcy4gAHxBLi6ABwGIBwCgBwG6BwgqBDEtLS1AAcgHleYC0gcNCQm5BDBAAbcI2gcGAf-gGADgBwDqBwIIAPAHAIoIAhAAlQgAAIA_mAgBwAjK0wLSCAYIABAAGAA.&s=69858958f5b82d4642718b36055b9bdf7fe3a8ea&bdref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,about%3Asrcdoc&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
7eae5b7c-640f-4cd1-add3-10ef5d19473c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame DA36 		0
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QL7DPSXAnsGAAADANYABQEIv4LVpwYQj7WU9_zevYFdGPuj6YzKkueYIyo2CXM1V3M1V8M_ESlcj8L1KLw_GQAAAKBH4RhAISYEac4TMrw_KZMdG4F4XcM_MQAAAOCjcOU_MPyRzQw48DtAmDlIAlCUz4zcAVjjx1lgAGimsGR4leYCgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDM4NzE4NzMsIDApO3VmKCdpJywgNzQ1ODA1NSwgMCk7dWYoJ2cnLCAyMjAxODc2OSwgMCk7dWYoJ3MnLCAyODc3MjM4ODQsIDApO3VmKCdyJywgNDYxNTgwMTgwLCAwKTuSAtUEIUYzdkF6Z2lVd3BzYkVKVFBqTndCR0FBZzQ4ZFpNQUE0QUVBQVNKZzVVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhjM05NSlYxM0RQOEVCM056VENWZGR3el9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmg1ckhBX1VCbXBtWlBwZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2pfMmIwdEVBRVlBaTJhbVprLW9nTU9DUF9adlMwUUN4Z0NMWnFabVQ2NkF3bE9XVTB5T2pVeE16WGdBN1JFZ0FTOHktY0xpQVR3ek9jTGtBUUJtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVdQS0pBRjQ0MVhtQVhzb3BtSkFha0YFPCBBQUE4RC14QlEBCgkBPHdRVUFBQUJBTXpQVFA4a0YJFgEoBF9SLigAADIFKAEB8ENEd1AtQUZtWGJ3QmRIMXZ3cjRCWUdwN0FHQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFICQEARR2MAEcdDABJHQzwZXVBWUstQWY1MHdqNEItSFhDUGdIbnRzSS1BZXlfUWcumgKZASExaFduVndpVXdwc2JFSlRQak53QkdPUEhXU0FBS0FBeDJfbC1hcngwN3o4NkNVNVpUVEk2TlRFek5VQzBSRWtBQQWQEER3UDFFBQoFAQRGawUHBQEARx0YAEcdGABIHRgQSGdBaVEREPTiAUR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUxMzXaBAIIAeAEAPAElM-M3AH6BBIJAAAAYH9xRUARAAAAACK5U8CIBQGYBQCgBf___________wGqBSAwNDUyMmY4MGI1M2M0MTIyZTg5N2ExZDYwNTEzYjhlOcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYKQMvoFBAgAEACQBgCYBgCiBg43NjY0I05ZTTI6NTAxM7gGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI441XEoABcHhQV09Wb0FBQUFEQUFrQ0JRRUktYXJ3Q1JDRF9iQUNHS1hsdEFJZ0J5Z0FRTnlROFFSSWk0bkRDbEMwUkZpVkozRUFBQUFBQUFBQSHxBGdRMfFYQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB8QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5XmAtIHDQkJvgQwQCGcENoHBggAAQmY4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAcAIytMC0ggGCAAQABgA&s=6e0522b1c107f6c0e87900a58f830acee6a97f4c
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
a2faf10e-d746-4046-9850-a81cea04c55e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/239/ Frame DA36 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Tue, 03 Sep 2024 02:30:29 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=s3BpJnwwWnR5Y3M1WC8xZlN2NkxVUkZmODZmRnMva2FWSXk4V3g3NVBmbXY3OVNMclJ1STFLcTFPNkFmQXg4VnNWdWRzMUNqdDNTU3k2SmhyWHRCSGc4N3E2cGV6dTdpRVA2QjRVNHF3T1ZpR3QrdkVUS2NwaFpTd0RRNDU5MWsrMm9idFVHREdVZkFNazN4dEh3RzZrNUlKUm92d3hTaVh5REcvRFkwaHRmaHZKRWM0Vi9Wc2pyRnZXMENXQzVxYUZtV1cvSlJkcnhxVzdrUGI1TjliZytpUEMyZWlUZzlsM0tpRWtsMHJYUVJTWE9CUGhjZnFrQy9YZ3k3VFZjODBhMnZTYmZ2VmNyNWRwYTdHUi93V1k2TzZDWnYrSXhYdGtPOFlXZUQ3N2hrUjZxUT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
447429
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf982a034bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:29 GMT
an-x-request-uuid
ec621094-79de-4113-ab27-c37c1566bb75
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf983a044bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
date
Mon, 04 Sep 2023 02:30:29 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9aca184bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf99aa104bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
2
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
vwYQJvzzBU6kQGB4Uh4jIzqgJQo6CupZ8Krr3JnQLy8-sW02_0Gjhw==
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9a6a154bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
date
Mon, 04 Sep 2023 02:30:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf99aa114bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame E83B
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf99aa0f4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
csync
sync.adtelligent.com/ Frame E83B 		43 B
473 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307682&extuid=da0a1784-d8ab-4c85-ab15-f94d2b215e2b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
Adtelligent
Etag
8c142d02c463c298
Content-Length
43
Content-Type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame 7387 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
34ceb939e30bae974a8c913e7327acc9c1bd89fca9a920a6e6b425cb52677cf1

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1948
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=498
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 5B06 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5efb32c547c884d834a574a463c0dea616f6854c71b67d973d85f7fb99f35a02

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1987
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame CF20 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
172130
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 02:41:40 GMT
csync
sync.adtelligent.com/ Frame 57FB 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:30 GMT
Etag
8c142d02c463c298
Server
Adtelligent
/
onetag-sys.com/usync/ Frame 8A70 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
5a891907f96d611ae555dffdd0d7999998a80cae1bf8fcf4abf21eca4c1f2520
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
865
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
152mediaweb
sync.quantumdex.io/usersync/ Frame FBE1 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/152mediaweb
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81182b8b4dcbf167013fe43ab96d167e717507a6d6023c56fa94b3913f1ca406

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf9709f54bc1-BUF
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:30 GMT
server
cloudflare
usersync
usersync.gumgum.com/ Frame 7262
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame F18E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:30 GMT Mon, 04 Sep 2023 02:30:30 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame FB8C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:30 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame BD8D 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6AF7 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101337
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6B73 		215 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
677bab83edbaf28095393d59cebb7929d4d06499ca6ece8081a430f0fd2efa9d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsJjXeOhYQurXW4gpWAvYCfexBJXJCVo5Nq6XnvrV2Le1bWezljYDNLY5a8dy81Aw_10CiGhrQygbRtiXo5rYJpFewGT7tD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
69989
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"f27cc43e8274f67b9ff4a205cc7d0de8"
vary
Accept-Encoding
x-goog-generation
1693722256957551
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=FkgZrw==, md5=8nzEPoJ09nuf9KIFzH0N6A==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
69989
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:30 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6B73 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01c3a025b0c8fb03bc17b1bfb5d0e40ff081556e844abfb19044728a9fa1310a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduprggp0BDzzrnTJcneLJXAm68-QGxJcErx7ndvLBWe8LeT9JZlJWb6OF_YdX8e0Nyto1YqCiG7suZF_ROdbAAtXw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21036
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"0a0d67aa487d13807b0ae7ae5ed865ef"
vary
Accept-Encoding
x-goog-generation
1693722256956297
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Gux6hg==, md5=Cg1nqkh9E4B7CueuXthl7w==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21036
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:30 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6B73 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:f000:b9d::2c79 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsZLjY_fLRwO2mUToqEJARzQx2BGhjE5pANQvrMc4-7exTi74xUTlNui3-7dPWVM9UB5WnJE3zm0TmN2E0n4U-owUEjzEwC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Sun, 03 Sep 2023 06:24:17 GMT
server
UploadServer
etag
"4b4557cd18ac9267af08fdb557b5b99b"
vary
Accept-Encoding
x-goog-generation
1693722256959507
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=5DF8CA==, md5=S0VXzRiskmevCP21V7W5mw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:40:30 GMT
s2s
s2s.aniview.com/api/adserver/ 		0
477 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=bdc9c1f67936be312dd5242626764390&wpm=&ssrtb=&pbjs=&tms=&AV_CDIM1=sp_BbylgSbK&AV_CDIM2=Desktop&AV_CDIM3=conversation&AV_CDIM4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&AV_CDIM5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&AV_CDIM6=stable&AV_CDIM7=row1-column1&AV_CDIM8=sticky%3Afalse%3Btakeover%3Afalse&AV_CDIM9=22607427172&AV_CDIM10=v22.4.0&AV_CDIM11=B&AV_CDIM13=false&AV_CDIM14=%5B%5D&AV_CDIM15=ads&AV_SCHAIN=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&AV_PUBLISHERID=5e0e296628a061270b21ccab&AV_CHANNELID=60acbabfd11d982b09533bb5&tgt=0&AV_SUBID=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.shefinds.com&AV_DADPOS=1&AV_OPLACEMENT=1&AV_GPID=/5e0e296628a061270b21ccab/60acbabfd11d982b09533bb5/www.shefinds.com&d36=6.2.123&responsive=1&sver=4&avtoken=629316&omv=1.0.1&clsid=a9ab569f-6750-4cab-b181-c0a028a1af60&rando=42&AV_WIDTH=948&AV_HEIGHT=533&AV_CCPA=1---&AV_DNT=0&cb=3794630279&AV_C_USER_ID=1693794619884-964393778739-001213-003-001685&wfc=1&tgt=0&&AV_VI=0&AV_VID=0&d4=1&d5=0&AV_PLCMT=2&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=2&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.237.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-237-84.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.shefinds.com
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Wed, 23 Aug 2023 12:43:50 GMT
14264399
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/14264399?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794630280
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a4ff540b2b094a846ed130b2dcdedb8d59dfad9bb9a6b24f5afd315b507b74e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794630313000-252
14264367
ads.stickyadstv.com/vast/vpaid-adapter/ 		1002 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/14264367?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&co=&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.140%20Safari%2F537.36&ip=96.9.249.45&_fw_is_lat=42.88670&cbb=3794630281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
55f2515410aa89f0edc8a25a90e7c5725593dfd039d46cf226436ce7482ce994

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794630358004-293
22035490
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/22035490?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794630281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
bed5d0e0cec310f5360af63da4f7b90992f0ca27ee8b1f93cbbb5a52af766141

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794630366035-140
14130591
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/14130591?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794630281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
93f2b78ba732ee63eb6163adf13393f94334dfaea23f9177b2412226bde453dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794630358059-254
28922370
ads.stickyadstv.com/vast/vpaid-adapter/ 		814 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/vast/vpaid-adapter/28922370?_fw_gdpr=0&_fw_gdpr_consent=&schain=1.0,1!spotim.market,sp_BbylgSbK,1,,,!&cbb=3794630281
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
8019297b697cb47883508c210f6a8d3b1d5b7574fb17c05c06e65c39d6f189ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794630371033-319
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=&user_id=1693794619884-964393778739-001213-003-001685&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiesyncendpoint
sync.aniview.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1693794619884-964393778739-001213-003-001685%26biddername%3D24%26pid%3D62f53b2c7850d0786f227f64%26key...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=24&pid=62f53b2c7850d0786f227f64&key=54d10197-cb46-413a-91f9-8e6ea8d9de90
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=24&pid=62f53b2c7850d0786f227f64&key=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
0

Redirect headers

Location
https://sync.aniview.com/cookiesyncendpoint?auid=1693794619884-964393778739-001213-003-001685&biddername=24&pid=62f53b2c7850d0786f227f64&key=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usermatch
ssum-sec.casalemedia.com/ Frame 568A 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5645adacf5b08f2a1be751489e017665af268ec7bfcc5926f2a4bf86a8e2a1ac

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=496
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
usermatch
ssum-sec.casalemedia.com/ Frame 2038 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
d796ea3c90bab95eb0ca2b70aa0c2aad671b32ce71cdf695098340c8b2eb2ef7

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2009
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=495
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame E0AF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
110028de56fdb2f02d4c57a108b4db9fa425fe9226d828a4b31920710181771a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
tap.php
pixel.rubiconproject.com/ Frame CDD3 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=CPTvTwCo9h9Plzp2GvVC8JVyw6xNPfBKCzrrJG-olew
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user-sync
sync.adkernel.com/ Frame CDD3 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=175005&r=CPTvTwCo9h9Plzp2GvVC8JVyw6xNPfBKCzrrJG-olew
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
usermatch
ssum-sec.casalemedia.com/ Frame 25CB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e1ada2a8aacfb74e1012ffa2663bf047fcea599e815b98401b89d1858168881a

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2009
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=494
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
pbs.gif
sync.colossusssp.com/ Frame AF10 		0
0
setuid
sync.quantumdex.io/ Frame 2D09
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf980a024bc1-BUF
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:30 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
usermatch
ssum-sec.casalemedia.com/ Frame 92ED 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
5ae1841d71ce7be640c978cc15523ae16ed897e5273e6b8990cc2bbfb278b739

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1937
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync
eb2.3lift.com/ Frame 3BCD 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
62a4ce81c1f10e360cfb81951999cdeda7bd12ae413c7c2b087014507c8b14d4

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1315
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:30 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 57F4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
5e48045f1056adf3a78666f71b02bce75f6f4a4eb46eaa90050bec9e3535024e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
864
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 043E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101337
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 4387 		536 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152media
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e9527bae31e7b9677fd555c796d7508c94dbf605e3a4e97e160d56a976f658a0

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
536
content-type
text/html
date
Mon, 04 Sep 2023 02:30:30 GMT
server
istio-envoy
x-envoy-upstream-service-time
4
mut
ghb.adtelligent.com/adunit/ Frame 8419 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.medocdn.com
URL: https://p.medocdn.com/prebidlink/y19604/hbw_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.medocdn.com
Date
Mon, 04 Sep 2023 02:30:30 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
usync
ssp.api.tappx.com/cs/ Frame F1E9 		0
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A7298272160482644129&auxuid=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:30 GMT
server
nginx
transfer-encoding
chunked
async_usersync
ib.adnxs.com/ Frame DC0B 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7664&pub_id=1165391&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
727d71ae-4997-4d9a-a3ad-9cee8eaed533
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 674F 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=KaJ8EJQZenpbOOCyj4xtoC23KZ6h5PJpGXPyr2dynHg
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1df09169f58a071f2a391dff1b3307b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 674F 		0
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=KaJ8EJQZenpbOOCyj4xtoC23KZ6h5PJpGXPyr2dynHg&gdpr=0&gdpr_consent={gdpr_consent}&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr={gdpr}&gdpr_consent={gdpr_consent}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame A5BD
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26g...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame F4D4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1d927eb6fcdbffe640433fc7d704599dfc1162ca533ce53cf64d7422ae1bfd01

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
31327
i.liadm.com/s/ Frame 7387 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.108.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-108-181.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
2
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame 7387
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
Content-Length
0
bridge
cm.adgrx.com/ Frame 7387
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794632857061-70
CookieIndex
rtb.adentifi.com/ Frame 7387 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 7387 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-08c6337bc.edge-va6.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hpzCqMIfRW4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7387 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7387
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
csync.loopme.me/ Frame 7387 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 7387 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43894
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9a5c8f39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:30 GMT
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame EF3F 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:30 GMT
mut
ghb.adtelligent.com/adunit/ Frame 7923 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.nodserving.com
URL: https://p.nodserving.com/prebidlink/y19604/hbw_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.nodserving.com
Date
Mon, 04 Sep 2023 02:30:30 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
31327
i.liadm.com/s/ Frame 5B06 		43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gpdr=&gdpr_consent=&us_privacy=1---&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.108.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-108-181.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 5B06 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-032f374c7.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zrgkNtpUSiM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dcm
s.amazon-adsystem.com/ Frame 5B06 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A3A8541XYZJJ0K65QG7Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5B06
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
csync.loopme.me/ Frame 5B06 		0
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5B06 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame 5B06 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
CookieIndex
rtb.adentifi.com/ Frame 5B06 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 5B06 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43894
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9acd5d39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:30 GMT
usersync
usersync.gumgum.com/ Frame 7171 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Pragma
no-cache
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
  • https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9baa1d4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=between&uid=e2796388-aa83-53f7-8a8c-6ae8ee792bd3
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
  • https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9bea1f4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=zeta-global&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-store
content-length
0
expires
0
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9eea3c4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
9cffcfeb-f042-41e1-8c00-3a8125b209c2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=2535980227366638075
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9eea3b4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
date
Mon, 04 Sep 2023 02:30:30 GMT
content-length
0
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9eaa394bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

date
Mon, 04 Sep 2023 02:30:28 GMT
via
1.1 560ae23eb11e8a754d4876989783ad5e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR53-P1
age
2
x-cache
Hit from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.quantumdex.io/setuid?bidder=smaato&uid=e5563551d8
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
cuDd7yB8FJJYi2YFWl1evUgG4JAs4H6LJ9K3T1n_KOKjog7rM4nfgw==
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9f4a3e4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=inmobi&uid=ID5-b9a77xq11x0fvVtZ_BPYaiTMVcZhieNl0HLYjGk-6A
date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame FBE1
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9eba3a4bc1-BUF
content-length
43
content-type
image/gif

Redirect headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.quantumdex.io/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
user-sync
sync.adkernel.com/ Frame FBE1 		42 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?dsp=61&t=image&uid=da0a1784-d8ab-4c85-ab15-f94d2b215e2b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
close
Content-Length
42
async_usersync
ib.adnxs.com/ Frame 269D 		0
592 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
f8aa346c-82fe-4041-a104-30af12ab8236
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
controller
ssl.connextra.com/servlet/ Frame 70A0 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=1394488214963540437&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D62b70b462f96402e750fa289100f32ab25ef6422%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjU1OTA%3D%2Fbn%3D91793%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=1394488214963540437&_cb=1055072647
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=1055072647&apnauc=1394488214963540437&bidid=1394488214963540437&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=62b70b462f96402e750fa289100f32ab25ef6422/bcr=AAAAAAAA8D8=/cnd=%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjU1OTA=/bn=91793/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.111.199 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-111-199.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
cf106de0f6aae9d7778d2e87752bf4bd8ac65f9eabc08e6cb8c85559558080d7

Request headers

Referer
https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=1055072647&apnauc=1394488214963540437&bidid=1394488214963540437&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=62b70b462f96402e750fa289100f32ab25ef6422/bcr=AAAAAAAA8D8=/cnd=%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjU1OTA=/bn=91793/clickenc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
1901
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Mon, 04 Sep 2023 02:40:04 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
2
x-served-by
adserver-blue-7
dcm
s.amazon-adsystem.com/ Frame 568A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BBYAN9RKJ5DVRZBW60W0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 568A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
recv
cm.gammaplatform.com/adx/ Frame 568A
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=1&t=pixel
  • https://x.bidswitch.net/sync?ssp=ambient
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=ambient&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=ambient&gdpr=0&user_id=zyBPIM0lGiXUcBx0wXYEIMtwHSzUIBF0zyaIV7q5
  • https://cm.gammaplatform.com/adx/recv?pid=7&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.gammaplatform.com/adx/recv?pid=7&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
35.186.154.107 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
107.154.186.35.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

lws
35
date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
accept-encoding
utf-8
time-ms
0
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
content-length
51

Redirect headers

Location
//cm.gammaplatform.com/adx/recv?pid=7&uid=54d10197-cb46-413a-91f9-8e6ea8d9de90
Date
Mon, 04 Sep 2023 02:30:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 568A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 568A 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-069e449e7.edge-va6.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mOGcPl/5Q/Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
csync.loopme.me/ Frame 568A 		0
0
bridge
cm.adgrx.com/ Frame 568A
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/67f88371642fb974ef46ebde1ff8a6?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794632388011-265
tp_out
d.adroll.com/cm/index/ Frame 568A 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
htw-pixel.gif
cdn.indexww.com/ht/ Frame 568A 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43894
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9b9e8139c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:30 GMT
dcm
s.amazon-adsystem.com/ Frame 2038 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VWRPEFDZ0NEYSX3QJWVF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 2038 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2038 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
2
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 2038
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=492
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 2038 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-0a44897b1.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
EljeYxeXRq8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
csync.loopme.me/ Frame 2038 		0
0
CookieIndex
rtb.adentifi.com/ Frame 2038 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2038
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2038 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43894
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9bae9b39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:30 GMT
/
csync.loopme.me/ Frame E0AF 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame E0AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E0AF 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame E0AF 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-029a79953.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lsN/Ol6jRjs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
user-registering
ads.stickyadstv.com/ Frame E0AF
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
0
0
tp_out
d.adroll.com/cm/index/ Frame E0AF 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E0AF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame E0AF 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B3ZTC5NF00BK4ABNKW3T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame E0AF 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43895
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9beeea39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:31 GMT
CookieIndex
rtb.adentifi.com/ Frame 25CB 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 25CB 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-077e5894d.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jHgOwdXOQHU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
csync.loopme.me/ Frame 25CB 		0
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 25CB 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
tp_out
d.adroll.com/cm/index/ Frame 25CB 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 25CB 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8ZCSTBM07NAAH6A503P1
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 25CB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatchredir
ssum-sec.casalemedia.com/ Frame 25CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=491
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 25CB 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43895
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9c0f0a39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:31 GMT
track
track1.aniview.com/ Frame 0545 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=pitc&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=400&he=300&test=&d36=6.2.123&apppkg=&fv=1&proto=https&clsid=784c090b-e0d6-48a9-8d0a-1cca998d9521&rando=67
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
sync
ups.analytics.yahoo.com/ups/58382/ Frame 3BCD 		0
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58382/sync?uid=4187545677285024608258&_origin=1&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.225.218.10 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-225-218-10.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
csync.loopme.me/ Frame 3BCD 		0
0
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://event.hgrtb.com/sync/triplelift?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7666%26xuid%3Dmfuid%26dongle%3D8f7
  • https://eb2.3lift.com/xuid?mid=7666&xuid=fc5fd944-b642-49ca-818f-124213753c6b&dongle=8f7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7666&xuid=fc5fd944-b642-49ca-818f-124213753c6b&dongle=8f7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7666&xuid=fc5fd944-b642-49ca-818f-124213753c6b&dongle=8f7
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
content-type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://p.rfihub.com/cm?pub=36497&in=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7414&xuid=1813050723370043128&dongle=U48
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7414&xuid=1813050723370043128&dongle=U48
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=7414&xuid=1813050723370043128&dongle=U48
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dy2aI2Ueo8q3c%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://trc.taboola.com/sg/TripleliftSCoD/1/cm?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7772%26xuid%3D%3CTUID%3E%26dongle%3Dtbla
  • https://eb2.3lift.com/xuid?mid=7772&xuid=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba&dongle=tbla
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7772&xuid=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba&dongle=tbla
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

x-vcl-time-ms
21
date
Mon, 04 Sep 2023 02:30:31 GMT
via
1.1 varnish
x-served-by
cache-ewr18155-EWR
server
nginx
x-timer
S1693794631.113272,VS0,VE21
x-fastly-to-nlb-rtt
20235
x-cache
MISS
location
https://eb2.3lift.com/xuid?mid=7772&xuid=68f45103-968d-4089-82b0-411437736996-tuctbeec6ba&dongle=tbla
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://sid.storygize.net/ccm/9779a491-75d6-4ad2-92bd-2f159c9892ab
  • https://sid.storygize.net/csr?r=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3396%26xuid%3D169e4ab0-16cf-492a-9c7d-27d482d88b2f%26dongle%3Dc7e1
  • https://eb2.3lift.com/xuid?mid=3396&xuid=169e4ab0-16cf-492a-9c7d-27d482d88b2f&dongle=c7e1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3396&xuid=169e4ab0-16cf-492a-9c7d-27d482d88b2f&dongle=c7e1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3396&xuid=169e4ab0-16cf-492a-9c7d-27d482d88b2f&dongle=c7e1
date
Mon, 04 Sep 2023 02:30:31 GMT
content-length
0
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1245&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7354&xuid=640113117700930142&dongle=AD20&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7354&xuid=640113117700930142&dongle=AD20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eb2.3lift.com/xuid?mid=7354&xuid=640113117700930142&dongle=AD20&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
xuid
eb2.3lift.com/ Frame 3BCD
Redirect Chain
  • https://match.deepintent.com/usersync/140?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7596&xuid=di_a1f61cad865644a2aaed7&dongle=fg7
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7596&xuid=di_a1f61cad865644a2aaed7&dongle=fg7
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7596&xuid=di_a1f61cad865644a2aaed7&dongle=fg7
date
Mon, 04 Sep 2023 02:30:30 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
757c0557066e95cfd4c7
aax-eu.amazon-adsystem.com/s/x/ Frame 3BCD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 124D 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7664&pub_id=1165391&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
cc2bf8b7-44ed-4920-9ff0-4aca84ba07ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 92ED 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
CookieIndex
rtb.adentifi.com/ Frame 92ED 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
tp_out
d.adroll.com/cm/index/ Frame 92ED 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
bridge
cm.adgrx.com/ Frame 92ED
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AACX7E7J6oIAACoiJc0fIg&dataProviderId=817&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794632780070-115
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 92ED 		42 B
941 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-00775131d.edge-va6.demdex.com 15 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zS6ORJP1Q/M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
csync.loopme.me/ Frame 92ED 		0
0
dcm
s.amazon-adsystem.com/ Frame 92ED 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9QK01WJ9WT6JRGDTPKSF
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 92ED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
sync.quantumdex.io/ Frame 92ED 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9c1a254bc1-BUF
content-length
43
content-type
image/gif
/
csync.loopme.me/ Frame 4387 		0
0
cksync.php
contextual.media.net/ Frame 4387 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:30 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:30 GMT
setuid
sync.quantumdex.io/ Frame 4387 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=wTUvU2M-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9c1a264bc1-BUF
content-length
43
content-type
image/gif
async_usersync
ib.adnxs.com/ Frame 6C1E 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
b8396759-91e2-4d20-b56b-85ff8525ac3d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync.php
ssp.api.tappx.com/cs/ Frame 4D88 		680 B
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b9ab27de86fce7bf205e67e6b11c04563492b44b479a7140e5fc5dbe97543dc2

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:30 GMT
server
nginx
transfer-encoding
chunked
controller
ssl.connextra.com/servlet/ Frame 42AC 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=6702190739669195407&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D9a6224c8146022cc29362a1f7d0f14dcc191a041%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjUxMzU%3D%2Fbn%3D45845%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=6702190739669195407&_cb=818364304
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=818364304&apnauc=6702190739669195407&bidid=6702190739669195407&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=9a6224c8146022cc29362a1f7d0f14dcc191a041/bcr=AAAAAAAA8D8=/cnd=%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjUxMzU=/bn=45845/clickenc=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.111.199 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-111-199.deploy.static.akamaitechnologies.com
Software
istio-envoy /
Resource Hash
cf106de0f6aae9d7778d2e87752bf4bd8ac65f9eabc08e6cb8c85559558080d7

Request headers

Referer
https://ssl.connextra.com/MGM_Sportsbook_Casino/selector/client?client=MGM_Sportsbook_Casino&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&_cb=818364304&apnauc=6702190739669195407&bidid=6702190739669195407&dspid=3bc1d7fd2e&tclk=https://nym1-ib.adnxs.com/click2?e=wqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA/s=9a6224c8146022cc29362a1f7d0f14dcc191a041/bcr=AAAAAAAA8D8=/cnd=%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw../cca=NzMyMCNOWU0yOjUxMzU=/bn=45845/clickenc=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-length
1901
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Mon, 04 Sep 2023 02:40:04 GMT
server
istio-envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
2
x-served-by
adserver-blue-7
setuid
prebid-server.rubiconproject.com/ Frame CC71
Redirect Chain
  • https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3...
  • https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
x-accel-expires
0
vary
Origin
content-type
text/html; charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?account=&bidder=kargo&f=i&uid=86dbba19-2541-5f5c-e155-a2da511c8b39
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
150
expires
Thu, 01 Jan 1970 00:00:00 UTC
hb_307825_11598.js
player.adtelligent.com/prebidlink/ex19604/ Frame 63B3 		920 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/ex19604/hb_307825_11598.js
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19604/hbw_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
21b0bf9ae9da4ec7ca4128ccba5981e459c10b9482bf67c8c953dea855968576

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:30 GMT
date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 10:58:33 GMT
server
nginx
etag
W/"64f1c3d9-398"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
ads
securepubads.g.doubleclick.net/gampad/ Frame EF3F 		27 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=287535046088818&correlator=2672867139308623&eid=31076398%2C31077537&output=ldjh&gdfp_req=1&vrg=202308290101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=39694909%3A22607427172%2CConversationDisplay%2CCD-GeneralDes&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C728x90%7C320x250%7C336x280&ifi=1&sfv=1-0-40&eri=5&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&cdm=www.shefinds.com&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794630791&adxs=650&adys=6794&biw=1600&bih=1200&isw=728&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=hxljuxwqvve&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=www.shefinds.com&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&top=www.shefinds.com&vis=1&psz=728x280&msz=728x90&fws=260&ohw=728&ea=0&ga_vid=1789139906.1693794608&ga_sid=1693794631&ga_hid=1812641753&ga_fc=true&dlt=1693794624616&idt=3025&prev_scp=conversationSpotId%3Dsp_BbylgSbK%26abTestVersion%3DB%26assetGroupId%3Dstable%26isStickyAdUnit%3Dfalse%26pageViewId%3De3a6c02f-3821-4966-b815-070e1fd3f4b8%26slot%3Drow1-column1%26source_version%3Dv22.4.0%26topSpotId%3Dsp_BbylgSbK%26source%3Dconversation%26hb_rfBid%3D0%26is_vmhbmp%3Dtrue%26hb_override_id%3D4171863%26hb_buyer_id%3D14515%26hb_div_id%3Ddiv-gpt-ad-1644400642420-0%26hb_r_id%3D327a2ceed5103ea%26hb_site_id%3D31%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.09%26hb_adid%3D54ce9186eb90178%26hb_bidder%3Dadyoulike%26excl_cat%3DPREPOST&cust_params=hbmp_loc%3Dhttps%253A%252F%252Fwww.shefinds.com%252Fcollections%252Fwalmart-packaging-change%252F&adks=226208146&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6dd2245d78aa2555f91cbc235453402019257b6a22b081d864f61ac38f8009f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11816
x-xss-protection
0
google-lineitem-id
4511920770
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219148966
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame EF3F 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25ec2344cd759c7af3b8e00c5d527ee2163832e437a7ccf669a5850315868301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11729
x-xss-protection
0
container.html
20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E86F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308290101/pubads_impl.js?cb=31077537
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Tue, 03 Sep 2024 02:30:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pbs.gif
sync.colossusssp.com/ Frame 6B4A 		0
0
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame F4D4 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-077e5894d.edge-va6.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
HIZREJTbSQA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
CookieIndex
rtb.adentifi.com/ Frame F4D4 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:30 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F4D4 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
/
csync.loopme.me/ Frame F4D4 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame F4D4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=494
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame F4D4 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
8XAX39H29HE6NST5GXEH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F4D4
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-registering
ads.stickyadstv.com/ Frame F4D4
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame F4D4 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43895
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cf9c8fe639c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:31 GMT
usync.js
eus.rubiconproject.com/ Frame FB8C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:30 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57910
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
async_usersync
ib.adnxs.com/ Frame DB8A 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
4d676fca-e82e-4ee1-add5-009dfbd8ce2b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame 379D
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26g...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
async_usersync
ib.adnxs.com/ Frame 2C01 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
c42040a9-9292-466e-a6a9-fc7dbd989166
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame C437 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
c7e83be4-1565-4156-865e-a318e30dbb62
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D60F 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:30 GMT
an-x-request-uuid
8d7ab0b0-02a1-42f7-8a9d-7f7a1ca24a79
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ Frame 505E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=15&eid=19&aw=468&ah=60&pagePos=1&vip=true&secure=1&sub_eid=11304&maxed=1&rnd=45888
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.34.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-34-120.ewr53.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
date
Mon, 04 Sep 2023 02:30:30 GMT
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
server
Apache-Coyote/1.1
via
1.1 aa7679f2d01b23d9a66bfa6e92991b04.cloudfront.net (CloudFront)
x-amz-cf-id
A9aMgQylah808VCD-e3KDM5MeCZdJk2E-OljPqxyuU-TUlpjCvjDdw==
x-amz-cf-pop
EWR53-C2
x-cache
Miss from cloudfront
tap.php
pixel.rubiconproject.com/ Frame 8A70 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=lkXXa0jrR-3IHdq6ngC-VKEMKRugGkxAgJouABfy5TA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
83041abbe8494cb29eff3083edd6dff6
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
user-sync
sync.adkernel.com/ Frame 8A70 		22 B
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adkernel.com/user-sync?zone=175005&r=lkXXa0jrR-3IHdq6ngC-VKEMKRugGkxAgJouABfy5TA
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:30 GMT
Cache-Control
no-store
Server
nginx
Connection
close
Age
0
Content-Length
22
usermatch
ssum-sec.casalemedia.com/ Frame 9BE9 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
1195b77715ffa07bf58367c1d9eb241a80fa7f99a68cd0a330c79b79e2713521

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1974
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
Expires
0
Keep-Alive
timeout=1, max=497
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
setuid
sync.quantumdex.io/ Frame DAA2
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf9baa1c4bc1-BUF
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
server
cloudflare

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:30 GMT
ETag
OPTOUT
Expires
0
Location
https://sync.quantumdex.io/setuid?bidder=unruly&uid=OPTOUT&us_privacy=
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 2B55 		536 B
987 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.208.74.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-74-11.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
9f5d5049f8b35d10681d9cbb884069cbb3467b8d415c06c36804a9ea6234ab69

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://sync.quantumdex.io/
content-length
536
content-type
text/html
date
Mon, 04 Sep 2023 02:30:30 GMT
server
istio-envoy
x-envoy-upstream-service-time
3
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FF26 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101337
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:30 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 695E 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
d53604a05fb19a8486234da0ae56801f0a0ac2fa9037c4416eac518e2315159a

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1258
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:30 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
onetag-sys.com/usync/ Frame 6A99 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/152mediaweb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
a86c2d31450ef99ca07dd290564d73017e868fa3b1b028691ff28998cd542444
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://sync.quantumdex.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
862
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
tap.php
pixel.rubiconproject.com/ Frame 57F4 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=nVnvU3jbD0dvPhUhXcQhlSuBzUPH_fZl0w989bIXFF8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
sync.quantumdex.io/ Frame 57F4 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=onetag&uid=nVnvU3jbD0dvPhUhXcQhlSuBzUPH_fZl0w989bIXFF8
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cf9bba1e4bc1-BUF
content-length
43
content-type
image/gif
load3.js
ssl.connextra.com/services/ActiveAd/ Frame 70A0 		3 KB
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/load3.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=1394488214963540437&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D62b70b462f96402e750fa289100f32ab25ef6422%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjU1OTA%3D%2Fbn%3D91793%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=1394488214963540437&_cb=1055072647
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.111.199 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-111-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=1394488214963540437&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D62b70b462f96402e750fa289100f32ab25ef6422%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjU1OTA%3D%2Fbn%3D91793%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=1394488214963540437&_cb=1055072647
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2016 14:10:53 GMT
server
AkamaiNetStorage
etag
"743a5e7701b844723629ba8123740a92:1479305453"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
687
async_usersync
ib.adnxs.com/ Frame 7328 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
an-x-request-uuid
8a265b86-ad53-449e-a6c1-632b943d08ce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
csync.loopme.me/ Frame 4D88 		0
0
setuid
prebid-server.rubiconproject.com/ Frame 4D88 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=tappx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=c2daf9e7-47e6-49b9-b795-e5324b079ad1f1a
Requested by
Host: ssp.api.tappx.com
URL: https://ssp.api.tappx.com/cs/usersync.php?gdpr_optin=&gdpr_consent=&us_privacy=&type=iframe&ruid=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dtappx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%7B%7BTPPXUID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=4ce580ce-81c5-8dc6-47d2-896525727747&tv=%7Bc:naA8wE,time:6621,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6622,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1199,wc:0.0.1600.1200,ac:436.4010.728.90,am:i,cc:436.4010.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5528~0%5D,as:%5B5528~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:652,fm:tOQRD2r+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e1131%7C1e1132%7C1e1133%7C1e1134%7C1e1135%7C1e1136%7C1e1137%7C1e1138%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g1%7C1h1%7C1h2%7C1h31%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l4%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p151%7C1q1%7C1q2%7C1q31%7C1q32%7C1q33%7C1q34%7C1q35%7C1q36%7C1q37%7C1q38%7C1q39%7C1q3a%7C1q3b%7C1q3c%7C1q3d%7C1q3e%7C1q3f%7C1q3g%7C1q3h%7C1q3i%7C1q41%7C1q42%7C1q51%7C1q521%7C1q611%7C1q6121%7C1q613%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1w11%7C1x1%7C1x2%7C1x3%7C1x4%7C1x5%7C1x6%7C1x7%7C1x81%7C1x9%7C1xa%7C1xb%7C1xc%7C1xd%7C1xe%7C1xf%7C1xg%7C1xh%7C1xi11%7C1y*.930203%7C1y1%7C1z.930203%7C1z1%7C110%7C1111%7C1112%7C1113%7C1114%7C11151%7C112,idMap:1y*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1200,sis:1944%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
server
nginx
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
ghb.adtelligent.com/geo/ Frame 63B3 		158 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/geo/
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19604/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
158
tracking
ghb.adtelligent.com/adunit/ Frame 63B3 		43 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=307825&site_id=11598&full_page_url=https%3A%2F%2Fwww.shefinds.com&adid=49l9il.zh&features=16416&vpbv=N169&lifecycle_tte=3063
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19604/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
syncframe
gum.criteo.com/ Frame 80FC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.shefinds.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.nodserving.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:30 GMT
server
Kestrel
server-processing-duration-in-ticks
1112987
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 7923 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:31 GMT
load3.js
ssl.connextra.com/services/ActiveAd/ Frame 42AC 		3 KB
864 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.connextra.com/services/ActiveAd/load3.js
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=6702190739669195407&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D9a6224c8146022cc29362a1f7d0f14dcc191a041%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjUxMzU%3D%2Fbn%3D45845%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=6702190739669195407&_cb=818364304
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.91.111.199 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-91-111-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=6702190739669195407&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D9a6224c8146022cc29362a1f7d0f14dcc191a041%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjUxMzU%3D%2Fbn%3D45845%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=6702190739669195407&_cb=818364304
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2016 14:10:53 GMT
server
AkamaiNetStorage
etag
"743a5e7701b844723629ba8123740a92:1479305453"
vary
Accept-Encoding
content-type
application/x-javascript
accept-ranges
bytes
content-length
687
syncframe
gum.criteo.com/ Frame 68E1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.shefinds.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.medocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:30 GMT
server
Kestrel
server-processing-duration-in-ticks
1958645
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 8419 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:31 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=15d63cd5-bf47-4dd1-c2c3-43e8db94d088&tv=%7Bc:naA8yf,time:6699,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:6699,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:1248,wc:0.0.1600.1200,ac:962.7707.300.250,am:i,cc:962.7707.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B5487~0%5D,as:%5B5487~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:699,fm:tOQRD2r+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e1131%7C1e1132%7C1e1133%7C1e1134%7C1e1135%7C1e1136%7C1e1137%7C1e1138%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g1%7C1h1%7C1h2%7C1h31%7C1i1%7C1i2%7C1j1%7C1j2%7C1j3%7C1j4%7C1k1%7C1k2%7C1k3%7C1l1%7C1l2%7C1l31%7C1l32%7C1l33%7C1l34%7C1l35%7C1l36%7C1l4%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p151%7C1q1%7C1q2%7C1q31%7C1q32%7C1q33%7C1q34%7C1q35%7C1q36%7C1q37%7C1q38%7C1q39%7C1q3a%7C1q3b%7C1q3c%7C1q3d%7C1q3e%7C1q3f%7C1q3g%7C1q3h%7C1q3i%7C1q41%7C1q42%7C1q51%7C1q521%7C1q611%7C1q6121%7C1q613%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1w11%7C1x1%7C1x2%7C1x3%7C1x4%7C1x5%7C1x6%7C1x7%7C1x81%7C1x9%7C1xa%7C1xb%7C1xc%7C1xd%7C1xe%7C1xf%7C1xg%7C1xh%7C1xi11%7C1y.930203%7C1y1%7C1y2%7C1z*.930203%7C1z1%7C110%7C1111%7C1112%7C1113%7C1114%7C11151%7C112,idMap:1z*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1249,sis:1948%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
vevent
nym1-ib.adnxs.com/ Frame 4A2B 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QL7DPSXAnsGAAADANYABQEIvoLVpwYQ1aP7wsr0ja0TGPuj6YzKkueYIyo2CXM1V3M1V8M_ESlcj8L1KLw_GQAAAKBH4RhAISYEac4TMrw_KZMdG4F4XcM_MQAAAOCjcOU_MPyRzQw48DtAmDlIAlCUz4zcAVjjx1lgAGimsGR4kc0FgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDM4NzE4NzMsIDApO3VmKCdpJywgNzQ1ODA1NSwgMCk7dWYoJ2cnLCAyMjAxODc2OSwgMCk7dWYoJ3MnLCAyODc3MjM4ODQsIDApO3VmKCdyJywgNDYxNTgwMTgwLCAwKTuSAtUEIVpudUlCd2lVd3BzYkVKVFBqTndCR0FBZzQ4ZFpNQUE0QUVBQVNKZzVVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhjM05NSlYxM0RQOEVCM056VENWZGR3el9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmg1ckhBX1VCbXBtWlBwZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2pfMmIwdEVBRVlBaTJhbVprLW9nTU9DUF9adlMwUUN4Z0NMWnFabVQ2NkF3bE9XVTB5T2pVMU9URGdBN1JFZ0FTOHktY0xpQVR3ek9jTGtBUUJtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVhXSzVBRjQ0MVhtQVhzb3BtSkFha0YFPCBBQUE4RC14QlEBCgkBPHdRVUFBQUJBTXpQVFA4a0YJFgEoBF9SLigAADIFKAEB8ENEd1AtQUZtWGJ3QmRIMXZ3cjRCWUdwN0FHQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFICQEARR2MAEcdDABJHQzwZXVBWUstQWY1MHdqNEItSFhDUGdIbnRzSS1BZXlfUWcumgKZASEyeFVUV1FpVXdwc2JFSlRQak53QkdPUEhXU0FBS0FBeDJfbC1hcngwN3o4NkNVNVpUVEk2TlRVNU1FQzBSRWtBQQWQEER3UDFFBQoFAQRGawUHBQEARx0YAEcdGABIHRgQSGdBaVEREPTiAUR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjU1OTDaBAIIAeAEAPAElM-M3AH6BBIJAAAAYH9xRUARAAAAACK5U8CIBQGYBQCgBf___________wGqBSBiMDRiYzM4NjU4ZjA0N2FjMDExNTQ2NTliYmFiZmJjZMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYKQMvoFBAgAEACQBgCYBgCiBg43NjY0I05ZTTI6NjQxNbgGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI441XEoABckJPMk9sb0FBQUFEQUFrQ0JRRUktYXJ3Q1JDRF9iQUNHS1hsdEFJZ0J5Z0FRTnlROFFSSWk0bkRDbEMwUkZpUE1uRUFBQUFBQUFBQSHxBGdRMfFYQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB8QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5HNBdIHDQkJvgQwQCGcENoHBggAAQmY4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAcAIytMC0ggGCAAQABgA&s=402b652ee57121c6a36dd06de301d43e83493d23&type=nv&nvt=5&jm=1003&px=471&py=5965&bw=300&bh=250&sid=1437780071776499061&vd=ct~0|rr~0&sv=239&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=26429692&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=16996&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
an-x-request-uuid
eac4f414-36f9-4eca-9ac1-a70fe6988d08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9BE9
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386631
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386631
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386631
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9BE9 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame 9BE9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=493
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tp_out
d.adroll.com/cm/index/ Frame 9BE9 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
/
csync.loopme.me/ Frame 9BE9 		0
0
dcm
s.amazon-adsystem.com/ Frame 9BE9 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:31 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P6J06S3JWPQ2TKDVVJZZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9BE9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
bridge
cm.adgrx.com/ Frame 9BE9
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794634298056-115
setuid
sync.quantumdex.io/ Frame 9BE9 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cfa0da464bc1-BUF
content-length
43
content-type
image/gif
cksync.php
contextual.media.net/ Frame 2B55 		53 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=25&type=ris&ovsid=%7B%7BAPID%7D%7D&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11585%26id%3D%3Cvsid%3E
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:31 GMT
/
csync.loopme.me/ Frame 2B55 		0
0
setuid
sync.quantumdex.io/ Frame 2B55 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=rise&uid=wTUvU2M-kp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Drise%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cfa0ea484bc1-BUF
content-length
43
content-type
image/gif
value=4187545677285024608258
sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/ Frame 695E
Redirect Chain
  • https://sasinator.realestate.com.au/rea/setid/external=TRIPLELIFT/value=4187545677285024608258
  • https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4187545677285024608258
43 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
3.105.86.85 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-86-85.ap-southeast-2.compute.amazonaws.com
Software
Match/7942.841f8a355872db3aabf7e82b7a3d8f16706abb0a (i-00fe441a7f20aba5c) /
Resource Hash
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Match/7942.841f8a355872db3aabf7e82b7a3d8f16706abb0a (i-00fe441a7f20aba5c)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
43
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Match/7942.841f8a355872db3aabf7e82b7a3d8f16706abb0a (i-06d0b9f417a2dcf36)
p3p
CP="NOI NID ADMa PSAa OUR BUS COM NAV"
location
https://sasinator.realestate.com.au/rea/lserver/setid/external=TRIPLELIFT/value=4187545677285024608258
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
expires
-1
usermatch
usersync.getpublica.com/ Frame 695E 		0
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=triplelift&TripleLiftID=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.28.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-28-161.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
vary
Origin
expires
0
bridge
cm.adgrx.com/ Frame 695E
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1580&userId=4187545677285024608258&gdpr=0&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=67f88371642fb974ef46ebde1ff8a6&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bus...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=o15f8_7274792520515949648&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794632685092-255
xuid
eb2.3lift.com/ Frame 695E
Redirect Chain
  • https://s.company-target.com/s/tlx?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D8804%26xuid%3D%7Bxuid%7D%26dongle%3D6aix
  • https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 04 Sep 2023 02:30:31 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.3lift.com
location
https://eb2.3lift.com/xuid?dongle=6aix&mid=8804&xuid=edee8b52-66cf-4865-b85b-7a92b8bcf9d0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
xuid
eb2.3lift.com/ Frame 695E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=23&uid=4187545677285024608258&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3391&xuid=822877106412&dongle=6f30
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3391&xuid=822877106412&dongle=6f30
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Access-Control-Allow-Origin
*
Location
https://eb2.3lift.com/xuid?mid=3391&xuid=822877106412&dongle=6f30
Content-Length
0
xuid
eb2.3lift.com/ Frame 695E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D7976%26xuid%3D%23PM_USER_ID%26dongle%3Du6nf%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=7976&xuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&dongle=u6nf&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=7976&xuid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&dongle=u6nf&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
xuid
eb2.3lift.com/ Frame 695E
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&gdpr_consent=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4557%26xuid%3D[sas_uid]%26dongle%3D7044%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4557&xuid=990277896830277133&dongle=7044&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4557&xuid=990277896830277133&dongle=7044&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4557&xuid=990277896830277133&dongle=7044&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:31 GMT
content-length
0
us.gif
sync.go.sonobi.com/ Frame 695E 		49 B
753 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4187545677285024608258
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.67 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-102
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
xuid
eb2.3lift.com/ Frame 695E
Redirect Chain
  • https://sync.1rx.io/usersync2/triplelift
  • https://p.rfihub.com/cm?pub=28593&in=1&rndcb=5122930786
  • https://sync.1rx.io/usersync/zeta/1813050723370043128
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%2...
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
Content-Type
text/html
Connection
keep-alive
xuid
eb2.3lift.com/ Frame 695E
Redirect Chain
  • https://bh.contextweb.com/bh/sync/3lift?rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3D%25%25VGUID%25%25%26dongle%3D8bee%26gdpr=0%26gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?pid=558356&ev=1&daaqp=1&rurl=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2636%26xuid%3Dy2aI2Ueo8q3c%26dongle%3D8bee%26gdpr%3D0%26gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&gpp=&gpp_sid=&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://eb2.3lift.com/xuid?mid=2636&xuid=y2aI2Ueo8q3c&dongle=8bee&gdpr=0&gdpr_consent=
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-tq58b
expires
-1
usersync
usersync.gumgum.com/ Frame F046 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:31 GMT
Expires
0
Pragma
no-cache
pbs.gif
sync.colossusssp.com/ Frame A5BD 		0
0
setuid
sync.quantumdex.io/ Frame 63DE 		43 B
94 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cf9f9a404bc1-BUF
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:31 GMT
server
cloudflare
pixel.gif
static.criteo.net/images/ Frame EF3F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 29 Aug 2024 02:30:31 GMT
pixel.gif
static.criteo.net/images/ Frame EF3F 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Thu, 29 Aug 2024 02:30:31 GMT
usync.html
eus.rubiconproject.com/ Frame 2D1F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:31 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 0DE3
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:31 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:31 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
adyoulike
s.seedtag.com/cs/cookiesync/ Frame 6A0D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adyoulike?channeluid=d99fc1948fa396f0fdd7e4c9f13a0c3a&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cksync.php
contextual.media.net/ Frame 6A0D 		53 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:31 GMT
/
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ Frame 6A0D 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32791
pixel
ap.lijit.com/ Frame 6A0D 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Sep 2023 02:30:31 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
711333.gif
id.rlcdn.com/ Frame 6A0D 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
matching.ivitrack.com/ Frame 6A0D 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=ayl&uid=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vevent
nym1-ib.adnxs.com/ Frame DA36 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QL7DPSXAnsGAAADANYABQEIv4LVpwYQj7WU9_zevYFdGPuj6YzKkueYIyo2CXM1V3M1V8M_ESlcj8L1KLw_GQAAAKBH4RhAISYEac4TMrw_KZMdG4F4XcM_MQAAAOCjcOU_MPyRzQw48DtAmDlIAlCUz4zcAVjjx1lgAGimsGR4leYCgAEBigEDVVNEkgEDVVNEmAGsAqAB-gGoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDM4NzE4NzMsIDApO3VmKCdpJywgNzQ1ODA1NSwgMCk7dWYoJ2cnLCAyMjAxODc2OSwgMCk7dWYoJ3MnLCAyODc3MjM4ODQsIDApO3VmKCdyJywgNDYxNTgwMTgwLCAwKTuSAtUEIUYzdkF6Z2lVd3BzYkVKVFBqTndCR0FBZzQ4ZFpNQUE0QUVBQVNKZzVVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhjM05NSlYxM0RQOEVCM056VENWZGR3el9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmg1ckhBX1VCbXBtWlBwZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2pfMmIwdEVBRVlBaTJhbVprLW9nTU9DUF9adlMwUUN4Z0NMWnFabVQ2NkF3bE9XVTB5T2pVeE16WGdBN1JFZ0FTOHktY0xpQVR3ek9jTGtBUUJtQVFCd1FRQUFBQUFBQUFBQU1rRUFBQUFBQUFBQUFEWUJBRHhCQUFBQUFBQUFBQUFpQVdQS0pBRjQ0MVhtQVhzb3BtSkFha0YFPCBBQUE4RC14QlEBCgkBPHdRVUFBQUJBTXpQVFA4a0YJFgEoBF9SLigAADIFKAEB8ENEd1AtQUZtWGJ3QmRIMXZ3cjRCWUdwN0FHQ0JnTlZVMFNJQmdTUUJnR1lCZ0NoQnR2NWZtcThkTzhfcUFZRXNnWWtDUQFICQEARR2MAEcdDABJHQzwZXVBWUstQWY1MHdqNEItSFhDUGdIbnRzSS1BZXlfUWcumgKZASExaFduVndpVXdwc2JFSlRQak53QkdPUEhXU0FBS0FBeDJfbC1hcngwN3o4NkNVNVpUVEk2TlRFek5VQzBSRWtBQQWQEER3UDFFBQoFAQRGawUHBQEARx0YAEcdGABIHRgQSGdBaVEREPTiAUR3UHcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL4ADAIgDAZADAJgDFKADAaoDAMAD2ATIAwDYA4_0I-ADAOgDAPgDA4AEAJIECS9vcGVucnRiMpgEAKIECzk2LjkuMjQ5LjQ1qAQAsgQMCAAQABgAIAAwADgCuAQAwAQAyAQA0gQONzMyMCNOWU0yOjUxMzXaBAIIAeAEAPAElM-M3AH6BBIJAAAAYH9xRUARAAAAACK5U8CIBQGYBQCgBf___________wGqBSAwNDUyMmY4MGI1M2M0MTIyZTg5N2ExZDYwNTEzYjhlOcAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBYKQMvoFBAgAEACQBgCYBgCiBg43NjY0I05ZTTI6NTAxM7gGAMEGAAAAAAAA8D_QBqkl2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGhwEI441XEoABcHhQV09Wb0FBQUFEQUFrQ0JRRUktYXJ3Q1JDRF9iQUNHS1hsdEFJZ0J5Z0FRTnlROFFSSWk0bkRDbEMwUkZpVkozRUFBQUFBQUFBQSHxBGdRMfFYQUFBSWdCQUpBQkFKb0JBZ2dBcUFFQXMuIAB8QS4ugAcBiAcAoAcBugcIKgQxLS0tQAHIB5XmAtIHDQkJvgQwQCGcENoHBggAAQmY4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAcAIytMC0ggGCAAQABgA&s=6e0522b1c107f6c0e87900a58f830acee6a97f4c&type=nv&nvt=5&jm=1003&px=471&py=7187&bw=300&bh=250&sid=1437780071776499061&vd=ct~0|rr~0&sv=239&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=26429692&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=16996&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
an-x-request-uuid
29bf9301-1140-4ef4-937b-cafbcc5336fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame AF10
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:34 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 4AF2 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?env=vp&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&sz=5x5%7C640x480&iu=%2F8352%2C1017293%2Fa.shefinds%2Farticles&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&description_url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&correlator=1957555301429092&cust_params=pvuuid%3D65e90d9a-880c-4922-8429-737d1e8accef%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D2907093993%26section%3Dcollections%26directory%3Dwalmart-packaging-change%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26admants%3DS_10087%252CS_10271%252CS_10955%252CS_11587%252CS_12403%252CS_12404%252CS_12747%252CS_4284%252CS_4288%252CS_4289%252CS_4304%252CS_4317%252CS_4359%252CS_5276%252CS_6202%252CS_6310%252CS_6650%252CS_6654%252CS_6655%252CS_6766%252CS_6768%252CS_6911%252CS_7077%252CS_8531%252CS_9094%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_3007008_PG%252CIAS_1500690_PG%252CIAS_1500154_PG%252CIAS_1500161_PG%252CIAS_8285_KW%252CIAS_13037_KW%252CIAS_5678_KW%252CIAS_1500092_PG%252CIAS_1500085_PG%26fr%3Dtrue%26permutive%3D21967%252C32745%252C43641%252C73308%252C81752%252C87946%252C95987%252C95993%252C96402%252C97250%252C101262%252C102567%252C105086%252C116913%252C116916%252C124918%252C128800%252C128890%252C146917%252C157392%26videocodecgroup%3Dmp4%26player_type%3DfloatDesktop%26autoplay%3Dtrue%26closable_player%3Dy%26inview%3Dtrue%26player_height%3D900%26player_width%3D1600%26st%3Dvideo%26loc%3Doutstr%26inst%3D-%26us_privacy%3D1---%26consent_required%3D0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2601968080&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=2D7CB328-CFD3-4A32-BC32-E201130E5692&a3p=EhkKCnVpZGFwaS5jb20Yqcya8KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnMmvClMUgAUgIIZA..&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&ref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&top=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&dt=1693794631780&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&scor=1912192746741331&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DC0B 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7664&pub_id=1165391&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
an-x-request-uuid
f7e25bd0-1e28-4667-8cd6-aca45195bda7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 6A99 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=poSvHGfm-PSDDcsbY_Yo-3YQL-HeaezuQinkOH0el74
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
sync.quantumdex.io/ Frame 6A99 		43 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=onetag&uid=poSvHGfm-PSDDcsbY_Yo-3YQL-HeaezuQinkOH0el74
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
8012cfa0ea474bc1-BUF
content-length
43
content-type
image/gif
B25368903.374955039;dc_pre=CN3g6dr0j4EDFXEsiAkdrQgHtw;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr...
ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/ Frame 70A0
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CN3g6dr0j4EDFXEsiAkdrQgHtw;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdi...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CN3g6dr0j4EDFXEsiAkdrQgHtw;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=1394488214963540437&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D62b70b462f96402e750fa289100f32ab25ef6422%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjU1OTA%3D%2Fbn%3D91793%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=1394488214963540437&_cb=1055072647
Protocol
H3
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CN3g6dr0j4EDFXEsiAkdrQgHtw;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EF3F 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Sep 2023 02:30:31 GMT
hbp_master_307825_11598.js
player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame 63B3 		315 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19604/hb_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
bd1ffd0298a29b2df605ae5f258324b2a5a0f8fa59f74efd92b775c72c17b086

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

expires
Wed, 06 Sep 2023 02:30:31 GMT
date
Mon, 04 Sep 2023 02:30:31 GMT
content-encoding
gzip
last-modified
Mon, 10 Jul 2023 13:16:06 GMT
server
nginx
etag
W/"64ac0496-4eb0b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
x-proxy-cache
HIT
B25368903.374955039;dc_pre=CJf_6tr0j4EDFUjiswod1gIG5w;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr...
ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/ Frame 42AC
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
  • https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CJf_6tr0j4EDFUjiswod1gIG5w;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdi...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CJf_6tr0j4EDFUjiswod1gIG5w;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=6702190739669195407&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D9a6224c8146022cc29362a1f7d0f14dcc191a041%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjUxMzU%3D%2Fbn%3D45845%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=6702190739669195407&_cb=818364304
Protocol
H3
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssl.connextra.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ad.doubleclick.net/ddm/trackimp/N1056876.273391APPNEXUS/B25368903.374955039;dc_pre=CJf_6tr0j4EDFUjiswod1gIG5w;dc_trk_aid=565561957;dc_trk_cid=145638658;ord=$%7BCACHEBUSTER%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=;dc_tdv=1?
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
prebid-server.rubiconproject.com/ Frame BDE9
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:34 GMT
cm
u.openx.net/w/1.0/ Frame D98A 		863 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9d5cb7a2e7ac32f3be6d9ed64f3f932141e003b179391227ceb63aaac3b5be12

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
541
content-type
text/html
date
Mon, 04 Sep 2023 02:30:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sid
mug.criteo.com/ Frame 80FC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.nodserving.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=76G9eXw0S1FjWlZPQVJIMFJBVXV6Yzh3dE9jR0ZmYVlOK0I2TFBjdjRpWVBZaEduUU9DZGZUS1NROVovZUw5dGRrNUdMTjhyNGEzbXNCcnVSNWJ2c3RhZWpqam9DeHd4TE9PUTV1d0RKTzdRYkoyc0JrVTBLa1F4aFRteH...
422 B
651 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=76G9eXw0S1FjWlZPQVJIMFJBVXV6Yzh3dE9jR0ZmYVlOK0I2TFBjdjRpWVBZaEduUU9DZGZUS1NROVovZUw5dGRrNUdMTjhyNGEzbXNCcnVSNWJ2c3RhZWpqam9DeHd4TE9PUTV1d0RKTzdRYkoyc0JrVTBLa1F4aFRteHVMUXBIc3FpUkJnK3krZWVjb3A2ZElGNFQybXIxYWNhbUdYS09wQnJJaEg2YUQ5WEdBTWFqR0RzZ3poU2t2OGpDUmFHME1mQzNIaFAwSUxFTENUWTdDU3R0U2NheVU4QXhHbFgxTlVtRld3SFd3aytaNVZockZwbGZ6b2RzajlyT2lDWE5Oc3l2RmZMRVhoRjN6SkJ5RWdpSUtlOEswL3hkUVorRHF6NXBsNjJYQUdvc3I5az18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
8a2059e6665034e930dafc17ed6efc750d1a2d39cdea517c7e5b4b3a529325dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
991753
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=76G9eXw0S1FjWlZPQVJIMFJBVXV6Yzh3dE9jR0ZmYVlOK0I2TFBjdjRpWVBZaEduUU9DZGZUS1NROVovZUw5dGRrNUdMTjhyNGEzbXNCcnVSNWJ2c3RhZWpqam9DeHd4TE9PUTV1d0RKTzdRYkoyc0JrVTBLa1F4aFRteHVMUXBIc3FpUkJnK3krZWVjb3A2ZElGNFQybXIxYWNhbUdYS09wQnJJaEg2YUQ5WEdBTWFqR0RzZ3poU2t2OGpDUmFHME1mQzNIaFAwSUxFTENUWTdDU3R0U2NheVU4QXhHbFgxTlVtRld3SFd3aytaNVZockZwbGZ6b2RzajlyT2lDWE5Oc3l2RmZMRVhoRjN6SkJ5RWdpSUtlOEswL3hkUVorRHF6NXBsNjJYQUdvc3I5az18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
510891
content-length
0
expires
0
sid
mug.criteo.com/ Frame 68E1
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.medocdn.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=bYrQfnxueTVicjNXS0hyMWVXVFAzcGhYbU1URVJoNjdsQ3VuZlNVbXhDK0w3QlpOZjIyMGlKNXlQekEzNFliZkIvQnpTb0NCNnZOdlAxbm5reVlyYlA0ZnpXTGJHc1g1ZTJEVjdqQk5zVWpwOHFRU01kUFI1NldLV0Y3L1...
431 B
654 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bYrQfnxueTVicjNXS0hyMWVXVFAzcGhYbU1URVJoNjdsQ3VuZlNVbXhDK0w3QlpOZjIyMGlKNXlQekEzNFliZkIvQnpTb0NCNnZOdlAxbm5reVlyYlA0ZnpXTGJHc1g1ZTJEVjdqQk5zVWpwOHFRU01kUFI1NldLV0Y3L1FuOUNCV3JyM2tJMER3bkczMFNsN0xnTmQ4WWRrQ2pwL3N4MUhrSTdBYTM1bzFVRUx6SnVVMmdtQU12RDkwSFZjSkxOMkxLdXY1YjVkaVpTNGh1a29UM3dwZVBMbCtyOTdJMU9JK20vOHJwUnRzbzNyUHBRam9ITk9zSUhCUnU2TisrTk5MYmlHTHBMaVovRkxEcVY4Qm1WaU5BeUhmK1RwbWJmNEJjVGl6SmhDL2lFeWsybz18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f87da225996ccd9d961b77099f5200344923108efdd812ffb4e8fa68dc6444b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1680294
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=bYrQfnxueTVicjNXS0hyMWVXVFAzcGhYbU1URVJoNjdsQ3VuZlNVbXhDK0w3QlpOZjIyMGlKNXlQekEzNFliZkIvQnpTb0NCNnZOdlAxbm5reVlyYlA0ZnpXTGJHc1g1ZTJEVjdqQk5zVWpwOHFRU01kUFI1NldLV0Y3L1FuOUNCV3JyM2tJMER3bkczMFNsN0xnTmQ4WWRrQ2pwL3N4MUhrSTdBYTM1bzFVRUx6SnVVMmdtQU12RDkwSFZjSkxOMkxLdXY1YjVkaVpTNGh1a29UM3dwZVBMbCtyOTdJMU9JK20vOHJwUnRzbzNyUHBRam9ITk9zSUhCUnU2TisrTk5MYmlHTHBMaVovRkxEcVY4Qm1WaU5BeUhmK1RwbWJmNEJjVGl6SmhDL2lFeWsybz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
480126
content-length
0
expires
0
async_usersync
ib.adnxs.com/ Frame 124D 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7664&pub_id=1165391&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
an-x-request-uuid
292b84c9-a196-4d82-af64-933e3e6eefa8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794631944&_fw_bidfloor=8&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-206912070&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=948x533&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794631928095-272
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5d78ee44663a348467758b38c5989322ef4f76fff66df3efd69e987cf483d3f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k8nRfXyYW5rCdd2YKXlQUtka9%2BS9R9cVj7S6371m%2F13URHalboQc4dn7r5j7gV0meyOdgzWOVFEzVsgEOpRZnw%2F2xf5yR1FqnujoP6xvv1aR0e7ctvFqhtfrnjDNQFO7uUulXHL4"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cfa1bb5f542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794631946&_fw_bidfloor=7.5&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-206912068&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=948x533&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794631946066-181
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=25931234&componentId=prebid&componentSubId=mustang&timestamp=1693794631947&_fw_bidfloor=15&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-689573412&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=948x533&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794631941082-269
swfIndex.php
ads.stickyadstv.com/www/delivery/ 		67 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=4.2&zoneId=27957730&componentId=prebid&componentSubId=mustang&timestamp=1693794631948&_fw_bidfloor=7&_fw_bidfloorcur=USD&pbjs_version=7.51.0&pKey=-206912066&_fw_us_privacy=1---&schain=1.0%2C1!spotim.market%2Csp_BbylgSbK%2C1%2C%2C%2C!&_fw_prebid_3p_UID=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22d97c4339-b959-448c-8222-96c0c7a2480c%22%2C%22atype%22%3A1%7D%5D%7D%5D&loc=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&playerSize=948x533&video_context=instream&video_placement=3&video_plcmt=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.234 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1693794631962011-263
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
487 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=504080
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f391658d7c05d86109b2715ad7c13db5bb9f0b53240d484090cf1b3727a7bc7e

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7prxnlAZEj8q7E1kAAHEP8rlMYOHpjfR4Rp5G7Xj4a15C3qIKNIswaVh9k8Rc0M%2FnPYGl31%2FWlwNdDPwRrWdPt2r%2Bp%2BjKiefiRhS9re%2Bu4X2mVhv6QcmuOit68h%2Bs4fF2l1Jxje"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
8012cfa1cb65542b-YYZ
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
setuid
prebid-server.rubiconproject.com/ Frame 379D
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1559 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvuH9wkUJaKYYBjTqF4JMIr5gb0_GdwY37FlKufkcLhR6eIWtgMmxxsPvxY0MC7rJXt1HINqMXF0KTUAquEhzdJriM8RkUHSKm-_MLCFgPrm8rz9pY_5tp18416jYysmUvvzJG8aBfD-AEA1eb9A5DrTEgeNIFm7iFMuNlZ8VRGxR342l4uqa8rWLybWTWd6i8iR8ksPPerccdsEAlAfKVEbqD7XZjyenLvbNzbNtAZjPHBzlFPXY0EggV_ShB4RctCXs7yUG_nC09NIpnZ-qIK9offpkmlnJywN7ScPjbiXdtnc2ANcN0oq0CFfZ2BUJLXNnPscse12AJfhuAxURGaE1MbUwDAIKwEjw&sai=AMfl-YRCaiWqjGPTc-ts4-v2bljOxpvLOymwe3vIQSDSd0zn7mhLuWJBYWNplcvBtjN6C-fbE_kzjK4WxDcORH_BK9D6ubCKTG8CyqOrSu1szoz0sTNjFRRhKCZ5EH4qH2M&sig=Cg0ArKJSzMg_I94S3KnzEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 1559 		409 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:7400:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 01:56:22 GMT
x-amz-version-id
gX70kDBwIFvRK6eYdKlVyfGL2wxylpWg
content-encoding
br
last-modified
Mon, 04 Sep 2023 01:22:23 GMT
server
AmazonS3
via
1.1 7bf47dc1c691ee43f7c8db83aa03a3cc.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P6
etag
W/"b46160acc37e84b67938a57a16580cfc"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2051
x-amz-cf-id
1EEONs_MEnuXGiFsqMAdYcy7C7UZ1QO-QvReWZW6hXmk1fZgmVF-tw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1559 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:32 GMT
setuid
prebid-server.rubiconproject.com/ Frame 6B4A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp...
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
setuid
prebid-server.rubiconproject.com/ Frame D98A 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
CookieSyncOpenX
rtb.adentifi.com/ Frame D98A 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncOpenX
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
sd
us-u.openx.net/w/1.0/ Frame D98A
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%2...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=8f3e33f9-3f12-0cbb-2f00-dc2952e985d7
  • https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662104814330646
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662104814330646
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
413
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537141727&val=18072662104814330646
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8012cfa44e874bcc-BUF
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame D98A
Redirect Chain
  • https://sync.1rx.io/usersync/openx/15335226-d1d8-074e-08b6-3b26068f3197
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D4070%26xuid%3DRX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%2...
  • https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://eb2.3lift.com/xuid?mid=4070&xuid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&dongle=2dcc
Content-Type
text/html
Connection
keep-alive
sd
us-u.openx.net/w/1.0/ Frame D98A
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ox
  • https://us-u.openx.net/w/1.0/sd?val=AACX7E7J6oIAACoiJc0fIg&id=537125688
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?val=AACX7E7J6oIAACoiJc0fIg&id=537125688
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?val=AACX7E7J6oIAACoiJc0fIg&id=537125688
Date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame D98A 		53 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=opx&ovsid=4e292bdb-016d-0fc5-3b14-1ca012d8ef37
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:32 GMT
sd
us-u.openx.net/w/1.0/ Frame D98A
Redirect Chain
  • https://oxp.mxptint.net/OpenX.ashx
  • https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_10874D1AA_4C1A5CCE
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_10874D1AA_4C1A5CCE
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537116306&val=R35CA5_10874D1AA_4C1A5CCE
Date
Mon, 04 Sep 2023 02:30:31 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-376799358; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
195
Content-Type
text/html; charset=utf-8
setuid
sync.quantumdex.io/ Frame 4AF1 		43 B
117 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:2560 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8012cfa2ca554bc1-BUF
content-length
43
content-type
image/gif
date
Mon, 04 Sep 2023 02:30:32 GMT
server
cloudflare
usync.js
eus.rubiconproject.com/ Frame 2D1F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57908
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync.js
eus.rubiconproject.com/ Frame 0DE3 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:32 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57908
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.medocdn.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.medocdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:31 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
245207
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 8419
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.medocdn.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=N6jCw3xmWEw2U3ZVZnBnbUJOcVJ1OCttbStSRUlsVjEwQlJid2JLSWorQXRTaW4wak82M1c2M0xYbm9uK1oyNFhoaEJDWThYTW83RmROVUVuV3YyMHlPcGlqRnRMTjltcmczS3RiWWFxdEZ6YUxJbWFZcjNrdW5mY1JDa1...
431 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N6jCw3xmWEw2U3ZVZnBnbUJOcVJ1OCttbStSRUlsVjEwQlJid2JLSWorQXRTaW4wak82M1c2M0xYbm9uK1oyNFhoaEJDWThYTW83RmROVUVuV3YyMHlPcGlqRnRMTjltcmczS3RiWWFxdEZ6YUxJbWFZcjNrdW5mY1JDa1lvaDdFTWZTd1g3MWN5U0Q3NFJwZWgwZ1A2RU9IbUJ2dlRNOFdtYW0zQzUxNUhaNjFZZ0ErUEhsUUc1MFU3aGM4Z09jYmRPMVQ4UHJvTHRpeUtIT3hSRU9ZMk1pOFFsUjBoUW96YStYU1A5SDlSWTkvYUE3ekJESEllRk1GWDlXZmZ3N0RaUWRqK1dyUTBId0txT1hmNGtJN2drY2JrdTRvS1pPc2ppYnBwSWw5ckR6TUVzQT18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
42d980a4e92a8ff9b848b3b59f84f987b13379b4d8f3f6a5ad50c178adb0846a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.medocdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
800896
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://p.medocdn.com
location
https://mug.criteo.com/sid?cpp=N6jCw3xmWEw2U3ZVZnBnbUJOcVJ1OCttbStSRUlsVjEwQlJid2JLSWorQXRTaW4wak82M1c2M0xYbm9uK1oyNFhoaEJDWThYTW83RmROVUVuV3YyMHlPcGlqRnRMTjltcmczS3RiWWFxdEZ6YUxJbWFZcjNrdW5mY1JDa1lvaDdFTWZTd1g3MWN5U0Q3NFJwZWgwZ1A2RU9IbUJ2dlRNOFdtYW0zQzUxNUhaNjFZZ0ErUEhsUUc1MFU3aGM4Z09jYmRPMVQ4UHJvTHRpeUtIT3hSRU9ZMk1pOFFsUjBoUW96YStYU1A5SDlSWTkvYUE3ekJESEllRk1GWDlXZmZ3N0RaUWRqK1dyUTBId0txT1hmNGtJN2drY2JrdTRvS1pPc2ppYnBwSWw5ckR6TUVzQT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
203151
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 8419 		135 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.medocdn.com
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 8419 		152 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.179.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-179-35.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
12efa38df3194ed3adbe3d83d1c1fbbffb850981748e3947e9fc60427e208cca

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.medocdn.com
cache-control
no-cache
x-server
10.40.47.100
access-control-allow-credentials
true
content-length
152
expires
0
sync-all.html
adxbid.info/ Frame 8356 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1787a5dfdba5a51fbef09d57aaadebb83af016d1b4f087236fa1ce27c06a99c5

Request headers

Referer
https://p.medocdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8012cfa38a490cbc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:32 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sxeX1h3DVV7Hjexxs9bjAkUr90Ck8BfdYKjAkZWGjs85qOrumMlpRZEveBVo6cw89dWU4hNoytX3kvljfOyOh7Fu06NXl4b1HgRbHFEC6oGgSehAYcSoeM0qRI%2FxP%2B0H8n0WW0vqfz7HLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.nodserving.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.nodserving.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
283522
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 7923
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.nodserving.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=ddHFYXwxM1J3M3BXL21aYURDdUU2bWllblBTTE9ub2xFbFQyTHFBc1ZORnNpK212T1lmZmYvVllzVlgzc1dPajhGNzIzK1JiRzk2VkZGOTRnZ09HOTR4TXJSbVBJT2tHR1J6TytWbTZaWWhtN01FcWhuS0hpYzA2TWVJLz...
426 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ddHFYXwxM1J3M3BXL21aYURDdUU2bWllblBTTE9ub2xFbFQyTHFBc1ZORnNpK212T1lmZmYvVllzVlgzc1dPajhGNzIzK1JiRzk2VkZGOTRnZ09HOTR4TXJSbVBJT2tHR1J6TytWbTZaWWhtN01FcWhuS0hpYzA2TWVJLzZmYzhJd0FtYWtHd0hVOXd6ckRFemxxVUZFa1pHVy9rVnYvTjdzUjFMMkluVVgxVHJvVTdJY1NGb25aOG9zbkxoMW5jWXl2UzdMWlJoUTRLbkhSaW1ISVdScitxNHlhNDJHSXpCUjBxam1CUk9Za0VTZklHenhDUjdsRVQxZGFWZGsxTTR4N1RjVmpEckpqMFlqeFZUdGRIZjh5SnBiQnRuWnowa0VnZGMxdzF4cllPRW04dz18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ad9bdf341e0179d6854036efb9a7a9bd336fcc69be56c0a4e31583443350cf16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.nodserving.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2377482
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://p.nodserving.com
location
https://mug.criteo.com/sid?cpp=ddHFYXwxM1J3M3BXL21aYURDdUU2bWllblBTTE9ub2xFbFQyTHFBc1ZORnNpK212T1lmZmYvVllzVlgzc1dPajhGNzIzK1JiRzk2VkZGOTRnZ09HOTR4TXJSbVBJT2tHR1J6TytWbTZaWWhtN01FcWhuS0hpYzA2TWVJLzZmYzhJd0FtYWtHd0hVOXd6ckRFemxxVUZFa1pHVy9rVnYvTjdzUjFMMkluVVgxVHJvVTdJY1NGb25aOG9zbkxoMW5jWXl2UzdMWlJoUTRLbkhSaW1ISVdScitxNHlhNDJHSXpCUjBxam1CUk9Za0VTZklHenhDUjdsRVQxZGFWZGsxTTR4N1RjVmpEckpqMFlqeFZUdGRIZjh5SnBiQnRuWnowa0VnZGMxdzF4cllPRW04dz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
476959
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 7923 		135 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.nodserving.com
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 7923 		152 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.179.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-179-35.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
59cac9fb410096969d5cdcf51826f452eb58d243a27422cc0f99d6048175a8af

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.nodserving.com
cache-control
no-cache
x-server
10.40.39.80
access-control-allow-credentials
true
content-length
152
expires
0
sync-all.html
adxbid.info/ Frame CC19 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1787a5dfdba5a51fbef09d57aaadebb83af016d1b4f087236fa1ce27c06a99c5

Request headers

Referer
https://p.nodserving.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8012cfa38a4b0cbc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:32 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJBxf9G%2BhFxlHV7Oqhg42YFqLaHBfZvp70xJUJlKzjWKApnsdofIe1yNgKTmFDdLBufND7GAAsciyPHEmzscmwjCCI7Sw1euPeGOCni%2BkJcT4QUCWZWpQTYyxTCW%2FRXNXSadU5Nv4rKr8g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
csi
csi.gstatic.com/ Frame 4AF2 		0
0
init
gw.geoedge.be/api/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9c00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
QXKuwLq-5prwQMpwub6BaB3cBsTzbFjOpmtNSun3oOMEYQdGnE27pQ==
x-cache
Miss from cloudfront
ot_multi_template.js
fo-static-usa02.omnitagjs.com/ Frame 1559 		499 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-static-usa02.omnitagjs.com/ot_multi_template.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-30.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
23d42c85b8de044716deef4fd88de6ab9edff8e0a198bc956a290b1bdae32204
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.shefinds.com/
Origin
https://www.shefinds.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
pragma
public
last-modified
Thu, 30 Mar 2023 13:07:40 GMT
server
ayl-lb-fra02
etag
"6425899c-7cd64"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-credentials
false
cache-control
public, max-age=982
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Mon, 04 Sep 2023 02:46:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 93D9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
164114
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Sep 2023 04:55:18 GMT
expires
Sun, 01 Sep 2024 04:55:18 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3330 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/191e27c7-e539-4da7-98e5-2d3c626338be/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fd71dbbd1b814d65ea512a3653f2ad2122db9724367ffa77372e203ac4d8f290
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-fg3AZN8z2wWR181z_oZ5mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-fg3AZN8z2wWR181z_oZ5mA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:32 GMT
expires
Mon, 04 Sep 2023 02:30:32 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
ps.eyeota.net/pixel/bounce/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=51md42u&t=ajs&e_pc=3&e_mr=0
  • https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
761 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ps.eyeota.net/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
2d5c0a6e1d981f5b51024544d54014cb57bf0b240ecae7f5a4eb6e0c2115c26b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
application/javascript
Date
Mon, 04 Sep 2023 02:30:34 GMT
Content-Length
761
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/pixel/bounce/?pid=51md42u&t=ajs&e_pc=3&e_mr=0
Date
Mon, 04 Sep 2023 02:30:34 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
config.json
player.adtelligent.com/exchange_rates/307824/ Frame 63B3 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/307824/config.json?cb=https%3A%2F%2Fwww.shefinds.com
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 06 Sep 2023 02:30:32 GMT
date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
last-modified
Sat, 02 Sep 2023 12:02:28 GMT
server
nginx
etag
W/"64f32454-857"
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
max-age=172800
x-proxy-cache
HIT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=N6jCw3xmWEw2U3ZVZnBnbUJOcVJ1OCttbStSRUlsVjEwQlJid2JLSWorQXRTaW4wak82M1c2M0xYbm9uK1oyNFhoaEJDWThYTW83RmROVUVuV3YyMHlPcGlqRnRMTjltcmczS3RiWWFxdEZ6YUxJbWFZcjNrdW5mY1JDa1lvaDdFTWZTd1g3MWN5U0Q3NFJwZWgwZ1A2RU9IbUJ2dlRNOFdtYW0zQzUxNUhaNjFZZ0ErUEhsUUc1MFU3aGM4Z09jYmRPMVQ4UHJvTHRpeUtIT3hSRU9ZMk1pOFFsUjBoUW96YStYU1A5SDlSWTkvYUE3ekJESEllRk1GWDlXZmZ3N0RaUWRqK1dyUTBId0txT1hmNGtJN2drY2JrdTRvS1pPc2ppYnBwSWw5ckR6TUVzQT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
379664
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
generate_204
tpc.googlesyndication.com/ Frame 796C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?wAX0ig
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ddHFYXwxM1J3M3BXL21aYURDdUU2bWllblBTTE9ub2xFbFQyTHFBc1ZORnNpK212T1lmZmYvVllzVlgzc1dPajhGNzIzK1JiRzk2VkZGOTRnZ09HOTR4TXJSbVBJT2tHR1J6TytWbTZaWWhtN01FcWhuS0hpYzA2TWVJLzZmYzhJd0FtYWtHd0hVOXd6ckRFemxxVUZFa1pHVy9rVnYvTjdzUjFMMkluVVgxVHJvVTdJY1NGb25aOG9zbkxoMW5jWXl2UzdMWlJoUTRLbkhSaW1ISVdScitxNHlhNDJHSXpCUjBxam1CUk9Za0VTZklHenhDUjdsRVQxZGFWZGsxTTR4N1RjVmpEckpqMFlqeFZUdGRIZjh5SnBiQnRuWnowa0VnZGMxdzF4cllPRW04dz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
472211
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
singleadvert
gsm-adverts.betstream.betgenius.com/ Frame 15E6 		31 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=1394488214963540437&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi-gtWnBhDVo_vCyvSNrRMY-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGRzQWIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D62b70b462f96402e750fa289100f32ab25ef6422%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%212xUTWQiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTU5MEC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjU1OTA%3D%2Fbn%3D91793%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=1394488214963540437&_cb=1055072647
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ffd0935d3a74bdffa6b8a1595b08705a25f6b3a07cef2c3e250332b30c24a8e

Request headers

Referer
https://ssl.connextra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=79
content-encoding
gzip
content-length
4079
content-type
text/html
date
Mon, 04 Sep 2023 02:30:32 GMT
etag
"d57aa720194b65431679614ec5f7e2b9:1693595189.117853"
server
AkamaiNetStorage
vary
Accept-Encoding
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:32 GMT
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:32 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
csi
csi.gstatic.com/ Frame 4AF2 		0
0
singleadvert
gsm-adverts.betstream.betgenius.com/ Frame 2CAF 		31 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Requested by
Host: ssl.connextra.com
URL: https://ssl.connextra.com/servlet/controller?service=DDM_SB_ACQ_US_NFLH2HAug2023_300x250&pubhost=www.shefinds.com&apnauc=6702190739669195407&tclk=https%3A%2F%2Fnym1-ib.adnxs.com%2Fclick2%3Fe%3DwqT_3QKcAfCbnAAAAAMAxBkFAQi_gtWnBhCPtZT3_N69gV0Y-6PpjMqS55gjIPyRzQwo8DswmDk4AkCUz4zcAUjjx1lQAFoDVVNEYgNVU0RorAJw-gF4prBkgAGV5gKIAQGQAQKYAQWgAQKpAXM1V3M1V8M_sQEpXI_C9Si8P7kBAAAAoEfhGEDBASYEac4TMrw_yQGTHRuBeF3DP9gBytMC4AEA%2Fs%3D9a6224c8146022cc29362a1f7d0f14dcc191a041%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%211hWnVwiUwpsbEJTPjNwBGOPHWSAAKAAx2_l-arx07z86CU5ZTTI6NTEzNUC0REkAAAAAAADwP1EAAAAAAAAAAFkAAAAAAAAAAGEAAAAAAAAAAGkAAAAAAAAAAHEAAAAAAAAAAHgAiQEAAAAAAADwPw..%2Fcca%3DNzMyMCNOWU0yOjUxMzU%3D%2Fbn%3D45845%2Fclickenc%3D&client=MGM_Sportsbook_Casino&dspid=3bc1d7fd2e&placement=DDM_APN_SB_ACQ_US_MI_NFLH2HAug2023_300x250&bidid=6702190739669195407&_cb=818364304
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ffd0935d3a74bdffa6b8a1595b08705a25f6b3a07cef2c3e250332b30c24a8e

Request headers

Referer
https://ssl.connextra.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=79
content-encoding
gzip
content-length
4079
content-type
text/html
date
Mon, 04 Sep 2023 02:30:32 GMT
etag
"d57aa720194b65431679614ec5f7e2b9:1693595189.117853"
server
AkamaiNetStorage
vary
Accept-Encoding
truncated
/ Frame 1559 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef73a59e88671aa66a4cf82d2858a59c4f1c7587703f816632f85e45461cb12c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame BFE6 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13493, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 7A0C 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13493, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame A0AE 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13492, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame EBF5 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13492, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
vpaid-adapter.min.js
cdn.stickyadstv.com/mustang/ Frame 5649 		446 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6f992"
X-Cache-Status
MISS
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=13492, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive, Transfer-Encoding
Accept-Ranges
bytes
Expires
Mon, 04 Sep 2023 06:15:27 GMT
setuid
rtb.adxpremium.services/ Frame CC19
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
rtb.adxpremium.services/ Frame 8356
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
0
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
v1
lb.eu-1-id5-sync.com/lb/ Frame 8419 		33 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
c63f50523e60884764c5d882996837b330c1bf60a7579e8803c16016af200250
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.medocdn.com
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lb.eu-1-id5-sync.com/lb/ Frame 7923 		33 B
403 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
c93bb666edc38f9d86ea123edcc394ba315cde251fef36d363e9298a84a1b09e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.nodserving.com
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
setuid
prebid-server.rubiconproject.com/ Frame A5BD
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp...
  • https://sync.targeting.unrulymedia.com/csync/RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005?redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D%26gdpr_consent%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Date
Mon, 04 Sep 2023 02:30:36 GMT
Server
Tengine
ETag
RXb3fc7ddcd06241878251063475c3f95f005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://prebid-server.rubiconproject.com/setuid?bidder=unruly&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Content-Type
text/html
Connection
keep-alive
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 1559 		49 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=PLACEMENT_MATCH_BROWSER&attempt=de7bc018fbf6c6d91899587aa6219230
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
info-ayl.svg
fo-static-usa02.omnitagjs.com/fo-static/native/images/ Frame 1559 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fo-static-usa02.omnitagjs.com/fo-static/native/images/info-ayl.svg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.30 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-30.deploy.static.akamaitechnologies.com
Software
ayl-lb-fra02 /
Resource Hash
d85b0c45e4dcbe764a9f4750e9189f9167f947d68be7fb60626155c043ebf09b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
0
content-length
3443
pragma
public
last-modified
Tue, 28 Mar 2023 13:42:02 GMT
server
ayl-lb-fra02
etag
"6422eeaa-d73"
access-control-max-age
86400
access-control-allow-methods
OPTIONS, GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=762
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
X-Requested-With, Content-Type
expires
Mon, 04 Sep 2023 02:43:14 GMT
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 1559 		49 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=IMPRESSION&attempt=de7bc018fbf6c6d91899587aa6219230&campaign=e2a82912438eaa7d2f234f778f82c274
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
49
expires
0
pixel
tracking-usa02.omnitagjs.com/tracking/ Frame 1559 		49 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracking-usa02.omnitagjs.com/tracking/pixel?event_kind=INSERTION&attempt=de7bc018fbf6c6d91899587aa6219230&campaign=e2a82912438eaa7d2f234f778f82c274
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
300x250.css
gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/ Frame 15E6 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ac6575b4e4685b3f889dda249cde1634551a9f6b47c52f5dd930f8e00e4d5b18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
last-modified
Mon, 02 Jan 2023 23:01:39 GMT
server
AkamaiNetStorage
etag
"8a50ece2016abcb880bdd9cea7d1ad22:1672700499.005731"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3564
externals.js
gsm-adverts.betstream.betgenius.com/javascript/ Frame 15E6 		112 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2600eeca7f9eaeca88f4de816464513c930dfb4e13f66a4da43c7e92edbee06d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"93b3402a7ceb08b3f0d40f0b07d981cd:1693595188.871245"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=42193
content-length
30457
xhr-event-proxy.js
gsm-adverts.betstream.betgenius.com/javascript/ Frame 15E6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/javascript/xhr-event-proxy.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e577c9056e22205ba3500fa9d6a0a009fc016aa09de86561770ab915fc055c8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"01517fd0bc13f33ce7d09c941616bdd1:1693595188.921845"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=42193
content-length
2693
BetMGM-gold.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/logos/ Frame 15E6 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/logos/BetMGM-gold.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
80f72b5d89d4e786dce9cb90234876f255718ae35b605c8bb3c12d2d7278bf7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"840d92c3c226b093a9d536311cfa3720:1668093400.410382"
content-length
2759
content-type
image/png
FixtureHead2HeadMultiCalc1x2.js
gsm-adverts.betstream.betgenius.com/getWidgetJS/ Frame 15E6 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/getWidgetJS/FixtureHead2HeadMultiCalc1x2.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
917fbb162b3f8ca31eda6df68a4d64527e81112d2bd71fb27a51dff027eaad8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"1b8b4-CWHSSCFS43QN7BqlFm+4OVnbypk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
2
content-length
24391
getWidgetInitScript
gsm-adverts.betstream.betgenius.com/ Frame 15E6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/getWidgetInitScript?uuid=f4a13980-4aca-11ee-823a-4fdf8971be8d&advert=true&renderConfigId=2023_NFLH2H_OH&productName=MGM&containerId=gsm-advert&c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250&culture=en-US
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
2275ad747d3db7a8bac16b1d6dddfe8d97de3e8c047e46f032b9486b3274298b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"1522-cTcyM1e0aBOizulkV90zC7zINtM"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-envoy-upstream-service-time
1
content-length
1439
300x250.css
gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/ Frame 2CAF 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ac6575b4e4685b3f889dda249cde1634551a9f6b47c52f5dd930f8e00e4d5b18

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
last-modified
Mon, 02 Jan 2023 23:01:39 GMT
server
AkamaiNetStorage
etag
"8a50ece2016abcb880bdd9cea7d1ad22:1672700499.005731"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3564
externals.js
gsm-adverts.betstream.betgenius.com/javascript/ Frame 2CAF 		112 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2600eeca7f9eaeca88f4de816464513c930dfb4e13f66a4da43c7e92edbee06d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"93b3402a7ceb08b3f0d40f0b07d981cd:1693595188.871245"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=42193
content-length
30457
xhr-event-proxy.js
gsm-adverts.betstream.betgenius.com/javascript/ Frame 2CAF 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/javascript/xhr-event-proxy.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e577c9056e22205ba3500fa9d6a0a009fc016aa09de86561770ab915fc055c8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"01517fd0bc13f33ce7d09c941616bdd1:1693595188.921845"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=42193
content-length
2693
BetMGM-gold.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/logos/ Frame 2CAF 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/logos/BetMGM-gold.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
80f72b5d89d4e786dce9cb90234876f255718ae35b605c8bb3c12d2d7278bf7c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"840d92c3c226b093a9d536311cfa3720:1668093400.410382"
content-length
2759
content-type
image/png
FixtureHead2HeadMultiCalc1x2.js
gsm-adverts.betstream.betgenius.com/getWidgetJS/ Frame 2CAF 		110 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/getWidgetJS/FixtureHead2HeadMultiCalc1x2.js
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
917fbb162b3f8ca31eda6df68a4d64527e81112d2bd71fb27a51dff027eaad8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"1b8b4-CWHSSCFS43QN7BqlFm+4OVnbypk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
2
content-length
24391
getWidgetInitScript
gsm-adverts.betstream.betgenius.com/ Frame 2CAF 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/getWidgetInitScript?uuid=f4a13980-4aca-11ee-823a-4fdf8971be8d&advert=true&renderConfigId=2023_NFLH2H_OH&productName=MGM&containerId=gsm-advert&c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250&culture=en-US
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
2275ad747d3db7a8bac16b1d6dddfe8d97de3e8c047e46f032b9486b3274298b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"1522-cTcyM1e0aBOizulkV90zC7zINtM"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
x-envoy-upstream-service-time
1
content-length
1439
sodar
pagead2.googlesyndication.com/pagead/ Frame 3330 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308290101&jk=287535046088818&rc=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ab
nym1-ib.adnxs.com/ Frame ECE4 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/ab?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QLRDvBMUQcAAAMA1gAFAQjEgtWnBhDIy-WNw_uRk2AY-6PpjMqS55gjKjYJKVyPwvUozD8RyCk6kst_yD8ZAAAAoEfhGEAhyCk6kst_yD8pKVwJJNAxAAAA4KNw5T8w_JHNDDjwO0DMFUgCUJe0z8wBWOPHWWAAaKawZHjtygWAAQGKAQNVU0SSAQEG4JgB2AWgAVqoAQGwAQC4AQLAAQXIAQLQAQnYAQDgAQDwAQCKAml1ZignYScsIDIyMzU2MzAsIDApOwEULGknLCA4MjA0OTM2LBEULGcnLCAyMDg0MzMyMhUVAHMBFRw4Mzk3MDkzOBUWMHInLCA0MjkxMjAwMjMFFvR1AZICqQUhR1lHTW53amJ0OUlhRUplMHo4d0JHQUFnNDhkWk1BRTRBRUFBU013VlVQeVJ6UXhZQUdCTGFBQndBSGdBZ0FFQWlBRUFrQUVCbUFFQm9BRUNxQUVDc0FFQXVRRXByWC1uOWlqTVA4RUJLYTFfcF9Zb3pEX0pBUUFBQUFBQUFQQV8yUUVBQUFBQUFBRHdQLUFCaU9YMEFfVUJBQUJBUUpnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FNZ0NBTkFDQU5nQ0FPQUNBT2dDQVBnQ0FJQURBWmdEQWFJRERnaUtqS3dxRUFJWUFpMEFBQUFBb2dNT0NQN0c3aTRRQkJnQkxVS2ZfRGlpQXhNSXZxdjNMUkFLR0FFdHI2a0VRRElEZFc1eG9nTU9DSXFNckNvUUN4Z0NMUUFBQUFDNkF3bE9XVTB5T2pVME9EUGdBN1JFZ0FTRjJ0QUtpQVMtMjlBS2tBUUFtQVFFd1FRQUFBQUFBAfgETWsR9QH4BFJCAQcwQUFBZ0JwQTJBUUE4UTEhUEFBQUlnRjZ5cVlCZnFhdEljQnFRVQEWATgQd1A3RUYBCgkBCERCQh03AHkuKAAAOTIoAABaFSjAUEFfNEFYd3F3SHdCYnFXLUFuNEJlNjVpQUdDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCZwlqMEFBaEFxQVlFc2dZa0MddABFHQwARx0MAEkdDPBDdUFZS3lBY0E0QWNENkFjQThRY0FBQUNnbVptNVBfZ0gtZE1JLUFmaDF3ajRCNTdiQ1BnSHN2MEmaApkBIWNSTGFCQWo2rQIoT1BIV1NBQUtBQXgRn1hDRUE2Q1U1WlRUSTZOVFE0TTBDMFJFaw0fDER3UDE9gABGERgMQUFBRx0YAEcdGABIDRggSUFhUUhnQWlRDRABTPBpdy4u2ALK0wLgAoutPOoCPmh0dHBzOi8vd3d3LnNoZWZpbmRzLmNvbS9jb2xsZWN0aW9ucy93YWxtYXJ0LXBhY2thZ2luZy1jaGFuZ2Uv8gIRCgZBRFZfSUQSBzIyMzU2MzDyAhIKBkNQRwEUCAgyMGnvARUIBUNQARQACXXuEPICDQoIAT4YRlJFURIBMAUQHFJFTV9VU0VSBRAADAkgGENPREUSAPIBDwhDUEcVDxALCgdDUBUOEBAKBUlPAWEAB414APIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fB9gAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDj_Qj4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQLOTYuOS4yNDkuNDWoBACyBAwIABAAGAAgADAAOAC4BADABADIBADSBA4yNzY0I05ZTTI6NTQ4M9oEAggB4AQA8ASXodl0-gQSCQAAAGB_cUVAEQAAAAAiuVPAiAUBmAUAoAX_EQGgAaoFIGRlN2JjMDE4ZmJmNmM2ZDkxODk5NTg3YWE2MjE5MjMwwAUAyQUBQhgAAPA_0gUJAVcFATTYBQHgBQHwBcOCCvoFBAGmKJAGAJgGALgGAMEGBSIsAPA_0AaYCtoGFgoQCREZAaAQABgA4AYB8gYCCACABwGIBwCgBwG6BwgqBDEtLS1AAcgH7coF0gcNCREzATEI2gcGAWisGADgBwDqBwIIAPAHg8mJBooIAhAAlQgAAIA_mAgBwAjK0wLSCAYIABAAGAA.&s=b8fc16b08c6dd578bc0176370ff1713dc3dfeb13&pp=0.191
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b6a3d6278775481d7aaa4e7464e5f82b70a49a9638e1800af94e76b0743ee778
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
gzip
x-creative-id
429120023
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
pragma
no-cache
an-x-request-uuid
1ebb0c97-55c1-4dac-b6c9-79a8ca7e1274
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
fo-ssp-usa02.omnitagjs.com/fo-ssp/ Frame 1559 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fo-ssp-usa02.omnitagjs.com/fo-ssp/sync?attempt=de7bc018fbf6c6d91899587aa6219230
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.11 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
ccb0952eb11eeeaefbe2819f90f79681b9babec310ad39d1fd61bbbfc2e72259
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
4
content-length
1004
expires
0
generate_204
tpc.googlesyndication.com/ Frame CF20 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7o7jrw
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync.html
cdn.undertone.com/js/ Frame 026B 		12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2511:6a00:1f:2473:9080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
68900
content-encoding
gzip
content-type
text/html
date
Sun, 03 Sep 2023 07:22:13 GMT
etag
W/"9f69f355a69e650f4a86354e76e60d40"
last-modified
Tue, 18 Jul 2023 10:31:18 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0bc560bfbdf419589e7d5b642ae14678.cloudfront.net (CloudFront)
x-amz-cf-id
jVovmVyENPjSfsf_tqZZdUHjgVjGOX1tdAmLeTBl5MWeJtDkrMxEXQ==
x-amz-cf-pop
JFK50-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
5cDzvCPt5iTw_HTWM8q.kHMVnUk7Smec
x-cache
Hit from cloudfront
sync
thrtle.com/
Redirect Chain
  • https://thrtle.com/sync?vxii_pid=7002&vxii_pdid=HQzWZQZHTprevADoQOeL11M1
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=brgeu23&ttd_tpi=1&TTD_PUID=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
  • https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
43 B
540 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
52.201.153.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-153-89.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/sync?vxii_pid=5015&vxii_pdid=3175ac58-0d9d-47aa-b429-d8f42e050f30
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Kestrel
content-length
199
cksync.php
contextual.media.net/ Frame 260D 		53 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:32 GMT
usync.html
eus.rubiconproject.com/ Frame 729F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame 9B86
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:32 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
711333.gif
id.rlcdn.com/ Frame 260D 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
matching.ivitrack.com/ Frame 260D 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=ayl&uid=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
adyoulike
s.seedtag.com/cs/cookiesync/ Frame 260D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adyoulike?channeluid=d99fc1948fa396f0fdd7e4c9f13a0c3a&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
/
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ Frame 260D 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32321
pixel
ap.lijit.com/ Frame 260D 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Sep 2023 02:30:32 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
setuid
prebid-server.rubiconproject.com/ Frame CC71
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26g...
  • https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&account=&f=i&uid=3Rc7sqqnn7qxF4WMAfRB&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cdb
bidder.criteo.com/ Frame 63B3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.37.3&cb=18149451346&lsavail=0
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
57b0e0a7d54ae34142ca6704ca24fe6dd3907cd9098575866dc6b4a74ee5b3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://p.safeservingcdn.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
ROS
pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ Frame 63B3 		324 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2e43c/1/www.shefinds.com/ROS?rnd=0.02006509511654575&e=300x250_0%3A300x250%2C728x90%2C320x250%2C336x280&ur=https%3A%2F%2Fwww.shefinds.com&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.shefinds.com&ccpa=1---&e_pubcid=57169701-8e56-48a7-b598-7c992dad1d99
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.246 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
0e949b4f700d3202d53bf39f0466f8f01c30f31904d8c163cf2b758e1e042fae

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 04 Sep 2023 02:30:32 GMT
date
Mon, 04 Sep 2023 02:30:32 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://p.safeservingcdn.com
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
324
x-sid
IAD-1215
auction
rtb.adxpremium.services/openrtb2/ Frame 63B3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c5b894e92e022a66ff2e0936874ba037fd611094ef9f5e353ee3ca30700bba7c

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:32 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://p.safeservingcdn.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1917
Expires
0
openrtb
adx.adform.net/adx/ Frame 63B3 		0
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
securepubads.g.doubleclick.net/gampad/ 		377 B
167 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4012409536050128&correlator=3738594979058173&eid=31077576%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=8352%3A1017293%2Ca.shefinds%2Carticles&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=15&sfv=1-0-40&rcs=1&ists=1&eri=1&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794632880&lmt=1693830476&adxs=0&adys=15687&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=23&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&vis=1&psz=1600x1200&msz=0x0&fws=128&ohw=0&psts=AOrYGsnnC91UF6cTPDsAz6cn3V-SHlGn3D5Akqhf6rV5tTnahYjljdWxOsEsE4sWfznnEANm100uUJW1gA-ulw%2CAOrYGsn2ca7cYZ-6pwtnNQkfzm7eBfBMd8HEvYeyzdoaKsNucKmQEbXrkSF14SDWETQ9qwyaAHmU4Zq291I6eQ%2CAOrYGsnFz0ILjUQz98rxX4Gp3skWgVEHcHqjT9e-Aa76O1KA4JjMc5_dt05qNQ32yDOb31mxgQye7NKc2J-jQA%2CAOrYGsmaVb2McJJsyWjtAcSbJcWNcPCb2m4Xw6FIA7Mq6Uh26XLJ-TFzwHjgxqLDLQ1RVa5vum8F-9kzn9f3GQ%2CAOrYGskmgawm1vxUUtr1_m_exO0xlZ828INxc7i-_BrZ11L13B9jUZvpYHOatXJFLu_Iq-O4SiHHNJv-yKOfHw%2CAOrYGsmJTBqNuMk29Wtj8Gp3gQJb2tlHeoucwkG58noey_TUh8GxipWFAlRoQWIEIPZ66MGlGvASqJHCkG68n3l6CmdC%2CAOrYGsln7AhoiRmGYn8NPRWM7a--2Yj0aj_7_-FS5Q7hbUsHSS08b7bwC_pDOhXFqeUIXfa60zxsrvfySRam&ga_vid=1789139906.1693794608&ga_sid=1693794609&ga_hid=373171656&ga_fc=true&a3p=EhkKCnVpZGFwaS5jb20Yqcya8KUxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGKnMmvClMUgAUgIIZA..&dlt=1693794606980&idt=1664&ppid=92e47ef3-e5e4-4a9c-b6d4-2eb85344024c&prev_scp=oop%3Dcontent-belt-2%26divid%3Dskm-ad-outstream-test%26st%3Dinlineoop%26inview%3Dtrue%26loc%3D1%26impuuid%3D2153611e-ffe1-4078-a400-2587174c1de2%26inst%3D1%26stinst%3D1%26id%3Dfc2b280b-4aca-11ee-b76b-0e5bb606f9c9%26vw%3D40%2C50%2C60%2C70%26grm%3D40%2C50%2C60%2C70%26pub%3D40&cust_params=permutive%3D21967%252C32745%252C43641%252C73308%252C81752%252C87946%252C95987%252C95993%252C96402%252C97250%252C101262%252C102567%252C105086%252C116913%252C116916%252C124918%252C128800%252C128890%252C146917%252C157392%26puid%3Db10f1680-a6f7-4e6e-8f05-6311e1399ca3%26ptime%3D1693794609682%26pvuuid%3D65e90d9a-880c-4922-8429-737d1e8accef%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D2907093993%26section%3Dcollections%26directory%3Dwalmart-packaging-change%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26admants%3DS_10087%252CS_10271%252CS_10955%252CS_11587%252CS_12403%252CS_12404%252CS_12747%252CS_4284%252CS_4288%252CS_4289%252CS_4304%252CS_4317%252CS_4359%252CS_5276%252CS_6202%252CS_6310%252CS_6650%252CS_6654%252CS_6655%252CS_6766%252CS_6768%252CS_6911%252CS_7077%252CS_8531%252CS_9094%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_3007008_PG%252CIAS_1500690_PG%252CIAS_1500154_PG%252CIAS_1500161_PG%252CIAS_8285_KW%252CIAS_13037_KW%252CIAS_5678_KW%252CIAS_1500092_PG%252CIAS_1500085_PG%26fr%3Dtrue%26prmtvsdk%3Dweb%26videocodecgroup%3Dmp4%26refresh%3Dy%26boom_session%3D11033ff46a8271b&adks=1140019239&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f03559454319f4e07953263db04f128744922af6aacdddf3a1f6570ef571a9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
u.openx.net/w/1.0/ Frame 2E50 		853 B
528 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f9777b4b2109c19b2428e27e662efb111aa1370e71a5e81306c3975986b9ed49

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
509
content-type
text/html
date
Mon, 04 Sep 2023 02:30:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame DB7B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 117F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame DB14 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
675
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cfa83b4c36ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Mon, 04 Sep 2023 06:30:32 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 7E67 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
676
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cfa85b7536ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Mon, 04 Sep 2023 06:30:33 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:37 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794637135072-291
45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
pagead2.googlesyndication.com/bg/ Frame 93D9 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/45TQ4WJNUFNsi_RKEccy4FYYQq63aBzPbRMjDYcMLJU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:41:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
172133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14879
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Sep 2024 02:41:40 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0FC6 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
rd_log
nym1-ib.adnxs.com/ Frame ECE4 		0
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QLODvDtTgcAAAMA1gAFAQjEgtWnBhDIy-WNw_uRk2AY-6PpjMqS55gjKjYJT57B7eQZzD8RppvEILByyD8ZAAAAoEfhGEAhyCk6kst_yD8pKVyPwvUozD8xAAAA4KNw5T8w_JHNDDjwO0DMFUgCUJe0z8wBWOPHWWAAaKawZHjtygWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJpdWYoJ2EnLCAyMjM1NjMwLCAwKTt1ZignaScsIDgyMDQ5MzYsIDApO3VmKCdnJywgMjA4NDMzMjIsIDApOwE9PHMnLCAyODM5NzA5MzgsIDAJPzByJywgNDI5MTIwMDIzBRb0dQGSAqkFIUdZR01ud2pidDlJYUVKZTB6OHdCR0FBZzQ4ZFpNQUU0QUVBQVNNd1ZVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVDcUFFQ3NBRUF1UUVwclgtbjlpak1QOEVCS2ExX3BfWW96RF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmlPWDBBX1VCQUFCQVFKZ0NBS0FDQUxVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2lLakt3cUVBSVlBaTBBQUFBQW9nTU9DUDdHN2k0UUJCZ0JMVUtmX0RpaUF4TUl2cXYzTFJBS0dBRXRyNmtFUURJRGRXNXhvZ01PQ0lxTXJDb1FDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTBPRFBnQTdSRWdBU0YydEFLaUFTLTI5QUtrQVFBbUFRRXdRUUFBQUFBQQH4BE1rEfUB-ARSQgEHMEFBQWdCcEEyQVFBOFExIVBBQUFJZ0Y2eXFZQmZxYXRJY0JxUVUBFgE4EHdQN0VGAQoJAQhEQkIdNwB5LigAADkyKAAAWhUowFBBXzRBWHdxd0h3QmJxVy1BbjRCZTY1aUFHQ0JnTlZVMFNJQmdDUUJnR1lCZ0NoQmcJajBBQWhBcUFZRXNnWWtDHXQARR0MAEcdDABJHQzwQ3VBWUt5QWNBNEFjRDZBY0E4UWNBQUFDZ21abTVQX2dILWRNSS1BZmgxd2o0QjU3YkNQZ0hzdjBJmgKZASFjUkxhQkFqNq0CKE9QSFdTQUFLQUF4EZ9YQ0VBNkNVNVpUVEk2TlRRNE0wQzBSRWsNHwxEd1AxPYAARhEYDEFBQUcdGABHHRgASA0YIElBYVFIZ0FpUQ0QAUzwaXcuLtgCytMC4AKLrTzqAj5odHRwczovL3d3dy5zaGVmaW5kcy5jb20vY29sbGVjdGlvbnMvd2FsbWFydC1wYWNrYWdpbmctY2hhbmdlL_ICEQoGQURWX0lEEgcyMjM1NjMw8gISCgZDUEcBFCAIMjA4NDMzMjIBFQgFQ1ABFAAJde4Q8gINCggBPhhGUkVREgEwBRAcUkVNX1VTRVIFEAAMCSAYQ09ERRIA8gEPCENQRxUPEAsKB0NQFQ4QEAoFSU8BYSAHODIwNDkzNvIBIQRJTxUhOBMKD0NVU1RPTV9NT0RFTAErFADyAhoKFjIWABxMRUFGX05BTQVxCB4KGjYdAAhBU1QBPhBJRklFRAE-HBUKCFNQTElUAU0Z2fDegAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDj_Qj4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQLOTYuOS4yNDkuNDWoBACyBAwIABAAGAAgADAAOAK4BADABADIBADSBA4yNzY0I05ZTTI6NTQ4M9oEAggB4AQA8ASXtM_MAfoEEgkAAABgf3FFQBEAAAAAIrlTwIgFAZgFAKAF____________AaoFIGRlN2JjMDE4ZmJmNmM2ZDkxODk5NTg3YWE2MjE5MjMwwAUAyQUAAAAAAADwP9IFCQkAAAkONNgFAeAFAfAFw4IK-gUEAaYokAYAmAYAuAYAwQYJIyjwP9AGmAraBhYKEAkRGQGgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcIKgQxLS0tQAHIB-3KBdIHDQkRMwExCNoHBgFooBgA4AcA6gcCCADwBwCKCAIQAJUIAACAP5gIAcAIytMC0ggGCAAQABgA&s=9b8681ada59307a3431737024af48cfde8dc9f2a&bdref=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F,about%3Asrcdoc&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
an-x-request-uuid
69485411-b58e-4c45-acfa-755a9c069b37
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
it
nym1-ib.adnxs.com/ Frame ECE4 		0
644 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nym1-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QK3DPDtNwYAAAMA1gAFAQjEgtWnBhDIy-WNw_uRk2AY-6PpjMqS55gjKjYJT57B7eQZzD8RppvEILByyD8ZAAAAoEfhGEAhyCk6kst_yD8pKVyPwvUozD8xAAAA4KNw5T8w_JHNDDjwO0DMFUgCUJe0z8wBWOPHWWAAaKawZHjtygWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJpdWYoJ2EnLCAyMjM1NjMwLCAwKTt1ZignaScsIDgyMDQ5MzYsIDApO3VmKCdnJywgMjA4NDMzMjIsIDApOwE9PHMnLCAyODM5NzA5MzgsIDAJPzByJywgNDI5MTIwMDIzBRb0dQGSAqkFIUdZR01ud2pidDlJYUVKZTB6OHdCR0FBZzQ4ZFpNQUU0QUVBQVNNd1ZVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVDcUFFQ3NBRUF1UUVwclgtbjlpak1QOEVCS2ExX3BfWW96RF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmlPWDBBX1VCQUFCQVFKZ0NBS0FDQUxVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2lLakt3cUVBSVlBaTBBQUFBQW9nTU9DUDdHN2k0UUJCZ0JMVUtmX0RpaUF4TUl2cXYzTFJBS0dBRXRyNmtFUURJRGRXNXhvZ01PQ0lxTXJDb1FDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTBPRFBnQTdSRWdBU0YydEFLaUFTLTI5QUtrQVFBbUFRRXdRUUFBQUFBQQH4BE1rEfUB-ARSQgEHMEFBQWdCcEEyQVFBOFExIVBBQUFJZ0Y2eXFZQmZxYXRJY0JxUVUBFgE4EHdQN0VGAQoJAQhEQkIdNwB5LigAADkyKAAAWhUowFBBXzRBWHdxd0h3QmJxVy1BbjRCZTY1aUFHQ0JnTlZVMFNJQmdDUUJnR1lCZ0NoQmcJajBBQWhBcUFZRXNnWWtDHXQARR0MAEcdDABJHQzwQ3VBWUt5QWNBNEFjRDZBY0E4UWNBQUFDZ21abTVQX2dILWRNSS1BZmgxd2o0QjU3YkNQZ0hzdjBJmgKZASFjUkxhQkFqNq0CKE9QSFdTQUFLQUF4EZ9YQ0VBNkNVNVpUVEk2TlRRNE0wQzBSRWsNHwxEd1AxPYAARhEYDEFBQUcdGABHHRgASA0YIElBYVFIZ0FpUQ0QAUz0KgF3Li7YAsrTAuACi6086gI-aHR0cHM6Ly93d3cuc2hlZmluZHMuY29tL2NvbGxlY3Rpb25zL3dhbG1hcnQtcGFja2FnaW5nLWNoYW5nZS-AAwCIAwGQAwCYAxSgAwGqAwDAA9gEyAMA2AOP9CPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAs5Ni45LjI0OS40NagEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjI3NjQjTllNMjo1NDgz2gQCCAHgBADwBJe0z8wB-gQSCQAAAGB_cUVAEQAAAAAiuVPAiAUBmAUAoAX___________8BqgUgZGU3YmMwMThmYmY2YzZkOTE4OTk1ODdhYTYyMTkyMzDABQDJBQAAAAAAAPA_0gUJCQEKAQE02AUB4AUB8AXDggr6BQQBpiiQBgCYBgC4BgDBBgEhMAAA8D_QBpgK2gYWChAJERkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAboHCCoEMS0tLUAByAftygXSBw0JETMBMQjaBwYBaKAYAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAHACMrTAtIIBggAEAAYAA..&s=c800fee465ec2a7f51f9b11234a8d8ff2376b224
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
an-x-request-uuid
cf854b2e-21b0-4674-a095-13258bdca7ee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/239/ Frame ECE4 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Tue, 03 Sep 2024 02:30:33 GMT
7dc70b06-cda8-4d56-8ee4-4b01967fa08d.jpg
crcdn01.adnxs-simple.com/creative/p/2764/2023/3/31/45206352/ Frame ECE4 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crcdn01.adnxs-simple.com/creative/p/2764/2023/3/31/45206352/7dc70b06-cda8-4d56-8ee4-4b01967fa08d.jpg
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.21.3 /
Resource Hash
ccd532317ed10e516dd0052790507dfc63f6e095085a90e0e1657f2ad590de97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
Sat, 30 Sep 2023 07:35:09 GMT
Date
Mon, 04 Sep 2023 02:30:33 GMT
Via
1.1 varnish, 1.1 varnish
x-amz-request-id
9fc538e7-504e-48fa-b668-af243bfe1fe8
Age
1623323
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
63730
X-Served-By
cache-lga21927-LGA, cache-yyz4558-YYZ
Last-Modified
Fri, 31 Mar 2023 20:57:48 GMT
Server
nginx/1.21.3
X-Timer
S1693794633.123224,VS0,VE2
ETag
"a48b962815e894ace9a2314476ca4268"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Clv-Request-Id
9fc538e7-504e-48fa-b668-af243bfe1fe8
Cache-Control
max-age=3888000
Accept-Ranges
bytes
X-Clv-S3-Version
2.5
X-Cache-Hits
1893, 8
seg
secure.adnxs.com/ Frame ECE4 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/seg?add=33298606&t=2
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
an-x-request-uuid
f64762d2-c242-467d-ac78-ac404d6ce61f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prbds2s
rtb.gumgum.com/usync/ Frame C02F 		2 KB
988 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.237.116.249 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-237-116-249.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c1386718a8ec989b9968427a08fa8e0de0a6d61da8ade2ea506d49a3b370fe0e

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 04 Sep 2023 02:30:33 GMT
etag
W/"0d62d8d7073f37b82697de1648c07a65e"
server
nginx
timing-allow-origin
*
setuid
prebid-server.rubiconproject.com/ Frame 2E50 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
sd
us-u.openx.net/w/1.0/ Frame 2E50
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=openx&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073053&val=BfCE3hDnG2SOJFTOP3fi&pi=openx&gdpr=0
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073053&val=BfCE3hDnG2SOJFTOP3fi&pi=openx&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073053&val=BfCE3hDnG2SOJFTOP3fi&pi=openx&gdpr=0
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT, Mon, 04 Sep 2023 02:30:33 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2E50
Redirect Chain
  • https://openx-ums.acuityplatform.com/tum?tpid=22&uid=f8e50ff9-06ea-033f-0295-8853109345ec&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537123500%26val%3D___AUID___
  • https://us-u.openx.net/w/1.0/sd?id=537123500&val=822877106412
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537123500&val=822877106412
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://us-u.openx.net/w/1.0/sd?id=537123500&val=822877106412
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame 2E50
Redirect Chain
  • https://openx.adhaven.com/bid-engine/cs/377c7998bb9f42e5aea0416c9dac091f/v1?rd=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537146931%26val%3D%24UID
  • https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_d310d0c3-9c84-4ec9-b774-cedfdb0bae3f
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_d310d0c3-9c84-4ec9-b774-cedfdb0bae3f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537146931&val=4c_d310d0c3-9c84-4ec9-b774-cedfdb0bae3f
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
6
tr.blismedia.com/v1/dpusync/ Frame 2E50
Redirect Chain
  • https://tr.blismedia.com/v1/api/sync/openx
  • https://eu-u.openx.net/w/1.0/sd?id=539732443&gdpr=&gdpr_consent=&val=64F54135CB651D785D3403B7BLIS&r=https%3A%2F%2Ftr.blismedia.com%2Fv1%2Fredirect%2Fopenx%3Fpartner_device_id%3D64F54135CB651D785D34...
  • https://tr.blismedia.com/v1/redirect/openx?partner_device_id=64F54135CB651D785D3403B7BLIS
  • https://pixel.rubiconproject.com/exchange/sync.php?p=blismedia
  • https://tr.blismedia.com/v1/dpusync/6?uid=LM49KSCX-B-B1NA
49 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/dpusync/6?uid=LM49KSCX-B-B1NA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cache-control
no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://tr.blismedia.com/v1/dpusync/6?uid=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
sd
us-u.openx.net/w/1.0/ Frame 2E50
Redirect Chain
  • https://openx2-match.dotomi.com/match/bounce/current?networkId=15900&version=1&nuid={OX_USER_ID}
  • https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881033&nuid={OX_USER_ID}
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881033&nuid={OX_USER_ID}
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://us-u.openx.net/w/1.0/sd?id=537072954&val=AQEI4rF7ZpD3QgJAeFb1AQEBAQE&expiration=1693881033&nuid={OX_USER_ID}
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 2E50
Redirect Chain
  • https://px.owneriq.net/eox
  • https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7470810201041396218P
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7470810201041396218P
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://us-u.openx.net/w/1.0/sd?id=537073059&val=Q7470810201041396218P
Content-Type
text/html
Cache-Control
max-age=24539
Connection
keep-alive
Content-Length
154
setuid
user-sync.adxpremium.services/ Frame CC19
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
86 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
multitracking
ghb.spotim.market/adunit/ Frame EF3F 		0
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.spotim.market/adunit/multitracking
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/aYHHO/hbw_release_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:799:0:ec4:7aff:fe6e:a48e Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.shefinds.com
Date
Mon, 04 Sep 2023 02:30:32 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
setuid
user-sync.adxpremium.services/ Frame 8356
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
86 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
692.json
id5-sync.com/g/v2/ Frame 8419 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11596.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
14aa1f337a19fe92f13d8365a64133522e4f8319f43cb1fb005e391890bdd2df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.medocdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://p.medocdn.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
692.json
id5-sync.com/g/v2/ Frame 7923 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11600.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
133a81284db3e6eb325fcd359830833f3915b5198062f1a92a71aa425b134299
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.nodserving.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://p.nodserving.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
setuid
prebid-server.rubiconproject.com/ Frame 6B4A
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%2...
  • https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 04 Sep 2023 02:30:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://prebid-server.rubiconproject.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=3367962136634934000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:36 GMT
usync.js
eus.rubiconproject.com/ Frame 9B86 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57907
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 5153 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e1b8df1d3cb758b158e721187cc1be8399d80ea37864a97f844a02bf78c94e41

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1771
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:33 GMT
Expires
0
Keep-Alive
timeout=1, max=489
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 46DE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cdn.undertone.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=12776
server
AkamaiGHost
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
Ydnkx81SGTyCqn7vxbod56_GBLnr1pJSO0uQG1j2qdIPMQj1iM_raA==

Redirect headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=cd682563-aac2-0946-32de-7d09579b5db9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
0
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
content-length
0
x-amz-cf-id
AI-gsyPh2IAijL1_EuD7qdh1-D-OrNS994tVno5sUnTk2kEzPz4jug==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-_XpWzOtE2uFABF6UNB53uzxF43Sfj4FC~A
date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386633
0
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386633
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
OC4b6wNFB_mCcRgdkdIYl4fFzZDF29JDzOIpFvFyCN2sjiGxK6UoLg==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=46&uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&ttl=1696386633
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Kestrel
content-length
249
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=12776
  • https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
7LHJUQhxuUXwcpULFVlu833ADwe03gaDaiskM4c7RZcQHX3MrZk6lw==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usr.undertone.com/userPixel/sync?partner=rubicon&uid=LM49KSCX-B-B1NA
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0b388c490ecfef74be7d13328a4f3ac3
Expires
0
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DA6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
LUXaCJjNMjpOAe_cxXHn4sj1JOAkPLo5nffdScc24ml0ksXLuNDeKw==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
date
Mon, 04 Sep 2023 02:30:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D54%26uid%3D%7BuserId%7D
  • https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:32 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
PGnJJg9oflMFI1SWBA4s4rBZcYzNTQ0y4srbtDR0n8KgK3ffkO5Okw==

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:32 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://usr.undertone.com/userPixel/sync?partnerId=54&uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
usr.undertone.com/userPixel/ Frame 026B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58545/occ
  • https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
content-length
0
x-amz-cf-id
zsbvdGSDHmA1jWoC7t8jowMrdjFOmPDI8s2REBbseE6VDJGYP3m1-A==

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=56&uid=y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
setuid
prebid-server.rubiconproject.com/ Frame 026B 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=undertone&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
t.gif
cw.addthis.com/ Frame 026B 		0
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cw.addthis.com/t.gif?pid=46&pdid=240ab8accf13429baf1eb69921bd87db
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.66.215 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-66-215.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 04 Sep 2023 02:30:33 GMT
ibs:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
dpm.demdex.net/ Frame 026B 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=152416&dpuuid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0dcb686ce.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FU0G/qiySGo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
15597
tags.bluekai.com/site/ Frame 026B 		62 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/15597?id=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.112.185 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-126-112-185.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
62
content-type
image/gif
380008.gif
idsync.rlcdn.com/ Frame 026B
Redirect Chain
  • https://idsync.rlcdn.com/403716.gif?partner_uid=24td0frjcg4v9teczygazdi3f
  • https://cms.analytics.yahoo.com/cms?partner_id=LVRMP
  • https://ups.analytics.yahoo.com/ups/58768/cms?partner_id=LVRMP
  • https://idsync.rlcdn.com/380008.gif?partner_uid=y-mAbTxSlE2pwDoiwkY41nzIyHoBq9Fv6ZCaY-~A
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/380008.gif?partner_uid=y-mAbTxSlE2pwDoiwkY41nzIyHoBq9Fv6ZCaY-~A
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/380008.gif?partner_uid=y-mAbTxSlE2pwDoiwkY41nzIyHoBq9Fv6ZCaY-~A
date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch.gif
beacon.krxd.net/ Frame 026B 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=24td0frjcg4v9teczygazdi3f
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dundertone%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.87.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-87-197.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-served-by
beacon-n004-ash-prod.krxd.net
date
Mon, 04 Sep 2023 02:30:33 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1693794633
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame 729F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57907
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync
ssp.api.tappx.com/cs/ Frame 420E 		0
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A7298272160482644129&auxuid=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:33 GMT
server
nginx
transfer-encoding
chunked
300x250.jpg
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/defaults/nfl/ohio/ Frame 15E6 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/defaults/nfl/ohio/300x250.jpg
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c4cf626d6d28870cf28eedddfdb8582e52c3f1e16cae98647f3fd6c8f55b22e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Mon, 28 Aug 2023 21:35:08 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"918622bc22a3166cbcaf9b3e893c5873:1693258508.277525"
content-length
21639
content-type
image/jpeg
300x250.jpg
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/backgrounds/nightField/ Frame 15E6 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/backgrounds/nightField/300x250.jpg
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b716c0dcd7b9f350e189327f96a651160b4a0611b32a6117ee37ed5ebfaed0a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"7a12b2145a56d4549972bdaa47dda156:1668093400.488792"
content-length
5609
content-type
image/jpeg
GT-America-Extended-Black.otf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/ Frame 15E6 		89 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/GT-America-Extended-Black.otf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
35814d2479806ebf3af0fc0cbf6fcfa23f4e9b91e1b8f1237ebbed38dc01bffd

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:43 GMT
server
AkamaiNetStorage
etag
"531c79bb99466cf745aab50597c245c4:1668552103.746116"
vary
Accept-Encoding
content-type
font/otf
accept-ranges
bytes
GT-America-Standard-Regular.otf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/ Frame 15E6 		81 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/GT-America-Standard-Regular.otf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
41525e9401a730caaaf5e5306b0763a83cb592411779926bd6e78c0db3fb362e

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:43 GMT
server
AkamaiNetStorage
etag
"8ef009a0222f47da165e2935a4d70b6e:1668552103.788748"
vary
Accept-Encoding
content-type
font/otf
accept-ranges
bytes
GT-America-Condensed-Regular.otf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/ Frame 15E6 		83 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/GT-America-Condensed-Regular.otf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
eb0ca965fb69c9bcee6beb126ddb7db6b9bc89c4458a5cc56d495eda98e01a9c

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:43 GMT
server
AkamaiNetStorage
etag
"c1090a243c7d2fd4d4bc9e520e29b2ec:1668552103.778836"
vary
Accept-Encoding
content-type
font/otf
accept-ranges
bytes
300x250.jpg
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/defaults/nfl/ohio/ Frame 2CAF 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/defaults/nfl/ohio/300x250.jpg
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c4cf626d6d28870cf28eedddfdb8582e52c3f1e16cae98647f3fd6c8f55b22e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Mon, 28 Aug 2023 21:35:08 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"918622bc22a3166cbcaf9b3e893c5873:1693258508.277525"
content-length
21639
content-type
image/jpeg
300x250.jpg
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/backgrounds/nightField/ Frame 2CAF 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/backgrounds/nightField/300x250.jpg
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b716c0dcd7b9f350e189327f96a651160b4a0611b32a6117ee37ed5ebfaed0a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"7a12b2145a56d4549972bdaa47dda156:1668093400.488792"
content-length
5609
content-type
image/jpeg
GT-America-Extended-Black.otf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/ Frame 2CAF 		89 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/GT-America-Extended-Black.otf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
35814d2479806ebf3af0fc0cbf6fcfa23f4e9b91e1b8f1237ebbed38dc01bffd

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:43 GMT
server
AkamaiNetStorage
etag
"531c79bb99466cf745aab50597c245c4:1668552103.746116"
vary
Accept-Encoding
content-type
font/otf
accept-ranges
bytes
GT-America-Standard-Regular.otf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/ Frame 2CAF 		81 KB
52 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/GT-America-Standard-Regular.otf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
41525e9401a730caaaf5e5306b0763a83cb592411779926bd6e78c0db3fb362e

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:43 GMT
server
AkamaiNetStorage
etag
"8ef009a0222f47da165e2935a4d70b6e:1668552103.788748"
vary
Accept-Encoding
content-type
font/otf
accept-ranges
bytes
GT-America-Condensed-Regular.otf
gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/ Frame 2CAF 		83 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/globalAssets/fonts/GT-America/GT-America-Condensed-Regular.otf
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
eb0ca965fb69c9bcee6beb126ddb7db6b9bc89c4458a5cc56d495eda98e01a9c

Request headers

Referer
https://gsm-adverts.betstream.betgenius.com/resources/MGM/Head2HeadFramed/300x250.css
Origin
https://gsm-adverts.betstream.betgenius.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
last-modified
Tue, 15 Nov 2022 22:41:43 GMT
server
AkamaiNetStorage
etag
"c1090a243c7d2fd4d4bc9e520e29b2ec:1668552103.778836"
vary
Accept-Encoding
content-type
font/otf
accept-ranges
bytes
usync.js
eus.rubiconproject.com/ Frame 117F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57907
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usersync
usersync.gumgum.com/ Frame C02F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&gdpr=&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=be9ad483-e088-4267-a345-03c46e0ae8c9&user_group=1&ssp=gumgum2&bsw_param=54d10197-cb46-413a-91f9-8e6ea8d9de90
  • https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=54d10197-cb46-413a-91f9-8e6ea8d9de90&gdpr=&gdpr_consent=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame C02F
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&obuid=ENC(N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DN8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHU...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_...
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.191 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:34 GMT
Cache-Control
no-cache
X-TraceId
a7391b0b915fef9f85ef1afef21b093c
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=485
Content-Length
0
Expires
0
usersync
usersync.gumgum.com/ Frame C02F
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:32 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame C02F
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=cf3d1abc-8c5c-4479-a90c-615ee6ecc762
access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:33 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame C02F
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-1cb89387-68b2-5299-7f97-b3590a1ca813$ip$96.9.249.45
Date
Mon, 04 Sep 2023 02:30:33 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame C02F
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=990277896830277133
date
Mon, 04 Sep 2023 02:30:32 GMT
content-length
0
usersync
usersync.gumgum.com/ Frame C02F
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5tY94yFE2pfCWLbBCyRucIzrZS6i2kesm_xm~A
content-length
0
setuid
prebid-server.rubiconproject.com/ Frame C02F 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=gumgum&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=b&uid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
async_usersync
ib.adnxs.com/ Frame DB7B 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
an-x-request-uuid
93bb9a9d-58e3-4074-b3ab-fafef6408d2d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5153
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386633
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386633
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=77bb92bc82a4449c8d2bae1f60dd6263&expiration=1696386633
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5153
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Access-Control-Allow-Origin
*
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=822877106412
Content-Length
0
bridge
cm.adgrx.com/ Frame 5153
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794634020043-106
usermatchredir
ssum-sec.casalemedia.com/ Frame 5153
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=486
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 5153 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v049-04c85c1a1.edge-va6.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
J2wzOWLTQAg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
CookieIndex
rtb.adentifi.com/ Frame 5153 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
bridge
cm.adgrx.com/ Frame 5153
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAA%26468&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794633519052-309
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 5153
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
usr.undertone.com/userPixel/ Frame 5153 		0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=57&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197137&cb=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D57%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-81.jfk50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 f9aa0e4086fcbefc20f307d96a8e3b44.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
JFK50-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
1
content-length
0
x-amz-cf-id
U-W7UER9j4EOwD9kioVycJx7ZM-a5kLllm-ufCA8HXIQYIMrr_VpQw==
async_usersync
ib.adnxs.com/ Frame 0FC6 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7664&pub_id=1165391&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
an-x-request-uuid
8c58fb90-fcef-431d-b0ba-baeecdf31bce
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:33 GMT
event
collector.sheknows.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
86400
content-length
0
date
Mon, 04 Sep 2023 02:30:33 GMT
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:33 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
event
collector.sheknows.com/ 		3 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.sheknows.com/event
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.119.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-119-5.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/json; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:33 GMT
access-control-allow-headers
Content-Type
content-length
3
access-control-max-age
86400
access-control-allow-methods
POST
content-type
application/json; charset=UTF-8
usersync
usersync.gumgum.com/ Frame AD7A
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_0bf2bdef-6a6e-425f-bda4-fe041801fa71&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Mon, 04 Sep 2023 02:30:33 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=c71bb500-7d1c-4182-b47d-bb1d4ea32a08
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame B43E
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:33 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:33 GMT Mon, 04 Sep 2023 02:30:33 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=BfCE3hDnG2SOJFTOP3fi&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 8027
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:33 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
pixel
cm.g.doubleclick.net/ Frame DF85 		170 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV8wYmYyYmRlZi02YTZlLTQyNWYtYmRhNC1mZTA0MTgwMWZhNzE=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BAC2 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dgumgum%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101334
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sovrn_standalone_beacon.js
ap.lijit.com/www/sovrn_beacon_standalone/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:37 GMT
Content-Encoding
gzip
Last-Modified
Mon, 31 Jul 2023 16:20:24 GMT
Server
nginx
ETag
W/"64c7df48-22bf"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Methods
GET
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
X-Robots-Tag
noindex
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires
Mon, 04 Sep 2023 03:30:37 GMT
usync.js
eus.rubiconproject.com/ Frame 46DE 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57907
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
metrics
connect-metrics-collector.s-onetag.com/ 		0
72 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://connect-metrics-collector.s-onetag.com/metrics
Requested by
Host: api.viglink.com
URL: https://api.viglink.com/api/sync.js?key=ded13cb2113c2b66a7c8b815830d095c&ccpaConsent=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.13.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0cb5afe0ce76779e.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
0
vary
Origin
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFprWTJ4clExbnFHSGltWEEzJTJGa0hEZyUyRjhmSnUlMkZVbVA1JTJCWE5UUjZLJTJCdHN4dFhKWVZqUEV0emVvUmRSM3QxdVJvMDF2SW5KdGRvNW9Qc1VEcEVIU2VRTFNpdGdCSHQwbnpmRHIxN2hnJTNEJTNE&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.shefinds.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
190658
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame EF3F
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=www.shefinds.com&bundle=oaBiDF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTGFXajYlMkZ1b2VZMEZjRHhaN28lMkJ1b1l0a1dJSFp...
  • https://mug.criteo.com/sid?cpp=ozNvBHxxVmNxY1pGVlViYnE4ZGJZejhRakRpZUhYbUhZUXhqeit6RFRtNWNtWlZSWnhReGdqK21ad2w2UUtkR3oxVUIxOG1sYW9pTVg1S0M1Y3E3cDI2RDNtejVsZFVwL0xIempLcWtQS1hJNnd5czlxKythcEtMWnZ4NH...
445 B
704 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ozNvBHxxVmNxY1pGVlViYnE4ZGJZejhRakRpZUhYbUhZUXhqeit6RFRtNWNtWlZSWnhReGdqK21ad2w2UUtkR3oxVUIxOG1sYW9pTVg1S0M1Y3E3cDI2RDNtejVsZFVwL0xIempLcWtQS1hJNnd5czlxKythcEtMWnZ4NHN4QlJvUEpkdnJINExuYWROdkNlcGZZYjk3dTlSb3B2N3ZFbTlQNGZ2Wml1Y1ZrTTMyVHlyYTFOQVlSaVB5OHJ4aGx1YUJXTDNZV1EyYjZkY1FjWTkxeVQ5dGRsd1kyQUxINjVtVStDNUNBdFNiL1cwb1c2TTczUjRieDd5SzU3SVRlZXk0SGlvbFpsT2haV00rMVJWNUs3VThlVFVGZW16dkNqeU8vY0pvZjZoamR2MGhxZz18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
2cf0d25b49d43a05764546f3ec2e55ded524944996ee9e204d259778ef72780c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1548097
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.shefinds.com
location
https://mug.criteo.com/sid?cpp=ozNvBHxxVmNxY1pGVlViYnE4ZGJZejhRakRpZUhYbUhZUXhqeit6RFRtNWNtWlZSWnhReGdqK21ad2w2UUtkR3oxVUIxOG1sYW9pTVg1S0M1Y3E3cDI2RDNtejVsZFVwL0xIempLcWtQS1hJNnd5czlxKythcEtMWnZ4NHN4QlJvUEpkdnJINExuYWROdkNlcGZZYjk3dTlSb3B2N3ZFbTlQNGZ2Wml1Y1ZrTTMyVHlyYTFOQVlSaVB5OHJ4aGx1YUJXTDNZV1EyYjZkY1FjWTkxeVQ5dGRsd1kyQUxINjVtVStDNUNBdFNiL1cwb1c2TTczUjRieDd5SzU3SVRlZXk0SGlvbFpsT2haV00rMVJWNUs3VThlVFVGZW16dkNqeU8vY0pvZjZoamR2MGhxZz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
281819
content-length
0
expires
0
rid
match.adsrvr.org/track/ Frame EF3F 		108 B
883 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1qnzqyj&fmt=json
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8bc1a93771d94872461883f2291a48cc07fb795159ed7309a0ec958b8c76c02f

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.shefinds.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Wed, 04 Oct 2023 02:30:33 GMT
syncpixel.html
cdn.deepintent.com/ Frame 9AEB 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.deepintent.com/syncpixel.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
130.211.16.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
136.16.211.130.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2297
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=3600
content-length
2178
content-type
text/html
date
Mon, 04 Sep 2023 01:52:16 GMT
etag
"132d7c71dbfb6624f05d37c846072bf8"
last-modified
Mon, 07 Nov 2022 09:28:43 GMT
server
UploadServer
x-goog-generation
1667813323196150
x-goog-hash
crc32c=nI96+A== md5=Ey18cdv7ZiTwXTfIRgcr+A==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2178
x-guploader-uploadid
ADPycdvmr68H6uuHn_J2x5009Ydjal_0U2re6ZjrUrzfukXGfnhk8RND40bk4T70HedxVKU6LyDDf0pbpH77bb68Uz8oRQ
isyn
prebid.a-mo.net/ Frame ED85 		184 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.198.144 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
30811f9af1c96e4bb1d57ba56bd1ce1554c36b4ffb0a6f87168bab6a76b10d3a

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:33 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3FEA 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.199 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-199.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"623de86a-cf34"
Expires
Tue, 05 Sep 2023 02:30:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Unused62
8096267
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 8A37 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:33 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0384 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101334
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.spotim.market/ Frame A2A7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323551%26extuid%3D%24UID
  • https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
43 B
457 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:33 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 04 Sep 2023 02:30:33 GMT
Location
https://sync.spotim.market/csync?t=a&ep=323551&extuid=HQzWZQZHTprevADoQOeL11M1
X-Sovrn-Pod
ad_ap7ewr1
csync
sync.spotim.market/ Frame 25A4
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D323548%26extuid%3D%24UID%26%5BGDPR_APPLIES%5D%26gdpr_consent%3D%5BGDPR_CONSENT_STRING%5D
  • https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
43 B
452 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:33 GMT
Etag
afb42d02c4c3c298
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
323fdd0b-ac4d-4467-80b3-ae185b58cd44
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.spotim.market/csync?t=a&ep=323548&extuid=2535980227366638075&[GDPR_APPLIES]&gdpr_consent=[GDPR_CONSENT_STRING]
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
pd
us-u.openx.net/w/1.0/ Frame 4B76 		654 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a4828e9c469bf9c4a59364969f8c3d95830efae62ad729eb1afd6a035c23346c

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
425
content-type
text/html
date
Mon, 04 Sep 2023 02:30:33 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame BFEF 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
676
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8012cfabf82d36ab-YYZ
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Mon, 04 Sep 2023 06:30:33 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 162E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
99a7536110ef2e97cdff6da3027025626cb350fe88b01a6b8ac2c87b9ee4342c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
918
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 384F 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156813&us_privacy=1---
Requested by
Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_270443_31.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101334
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 86B1 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
ab925196fa47dc7d1d177dea19fe5d608e6f1821306baf2ba42a22eef9b440ec

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2005
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:33 GMT
Expires
0
Keep-Alive
timeout=1, max=488
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usermatch
ssum-sec.casalemedia.com/ Frame 1B6B 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
d828438fc784fd8de00c317d60cd34aca3c0a86939d90f84d9bba2de44bf14db

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
2042
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:33 GMT
Expires
0
Keep-Alive
timeout=1, max=487
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.js
eus.rubiconproject.com/ Frame 8027 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57907
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=984e27da-3232-bb44-eb5b-68b1e7d8ea4a&tv=%7Bc:naA9cw,pingTime:15,time:16511,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:728,h:90,t:954%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:16511,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:954,wc:0.0.1600.1200,ac:436.1101.728.90,am:i,cc:436.1101.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15828~100%5D,as:%5B15828~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:889,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i*.930203%7C1i1%7C1j.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1y.930203%7C1z.930203,idMap:1i*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:956,sis:1882%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
server
nginx
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
2023_NFLH2H_OH
gsm-adverts.betstream.betgenius.com/widget-data/ Frame 15E6 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/widget-data/2023_NFLH2H_OH?culture=en-US&productName=MGM
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/xhr-event-proxy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
22ee92569b468e5a3e5ef96096d34c4d0ac88de34cb2472441e0a463971def2d

Request headers

Accept
application/json
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"3a32-5smAbAuW9Dm27h2TUoLQRCjG63Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
6
content-length
2342
82959.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/82959.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
db8c8b622eba81f568dfafa8589d94329439d9f1c1812277aba700170265883f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"cc162a25b947c807dfeb3332dc52b46d:1668093400.445788"
content-length
64547
content-type
image/png
86068.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/86068.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c93797724bba4ec5b5a3f5663150c84b0a23799efbe78d9e46372e76dc6763f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"0f20501fd02a21086a4d4da698ab2c1b:1668093400.509038"
content-length
57838
content-type
image/png
113372.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/113372.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d2e67dddc94d14f2a05d20e582d325cc5be65dd9bcd16d446a7164727b5fce87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"eb483f922d0c1134685c4ac90ac3bf72:1668093400.517485"
content-length
54944
content-type
image/png
112016.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/112016.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aac033e01ef2e328729a0727c202379dbcc91ccab10732b02a6a958cb5833319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"d957ffcf76bd9d4c8344993405b00176:1668093400.473638"
content-length
56127
content-type
image/png
104405.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/104405.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a8e309e5f3097d6ab1acbed1a0c14ae969e9c17cb0dbb8f2dd621bc069bb3d9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"6a4c522553595e37e991e6808c0a32d3:1668093400.594033"
content-length
57800
content-type
image/png
93331.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/93331.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e949a839200592403a7a636c40a479a3ff25908badd1c6c2ae04b7a3702c366

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"46684c48e6cb2805513e150ed96fd17f:1668093400.433952"
content-length
49053
content-type
image/png
102450.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/102450.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aca85cbd7bf3cbcd99e10552b9c13253881d78da433dcaccfe4a80029cd8309b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f2f7f11562a700ea0a05f0071d19ff02:1668093400.501133"
content-length
64366
content-type
image/png
102649.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/102649.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c54f0f71a8acc4dd4ff46214771f0157b670d0599d91244c811ff7c00eb69a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f0990d8a13bc7b8bb98a36b427be96ea:1668093400.454494"
content-length
63659
content-type
image/png
84868.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/84868.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
08f76100e39b8cacb23256ba65f949daa06c5541e7851d6e124f5e50459932d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:41 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"580793c78bcc357278ce1c0635a92eff:1668093401.123935"
content-length
65486
content-type
image/png
105059.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/105059.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
079e94b7bc05d9eafcdbe460b053e04cc4bad24848ad8e66c2dd9d6f07e16d4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"98da0b4b2473c0f9e88d08dea209a077:1668093400.422807"
content-length
48303
content-type
image/png
92305.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/92305.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dc2c49a20d1cc22ad98b6d26f43be4d5eb33dc0d17b0e04dcc9dab3c5ecf3741

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"3a4efc0273693af91f2d7154ce43430c:1668093400.433842"
content-length
60000
content-type
image/png
86237.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/86237.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
752e07d99c607e33dc79ed57a664983cdf1ce5719a162d60619eb3ba9f34ee4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"a158178575e4da024a4fbb3d968ad0ba:1668093400.474583"
content-length
64461
content-type
image/png
121182.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/121182.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c1c001fcacb2f53265674bfa125f81bef666729fbd0e0493bf5e67b3b20cd7ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"15503c447bf0b4ec439a4623b4ad5ff3:1668093400.494388"
content-length
53784
content-type
image/png
119191.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/119191.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b31463af176eed7d861b071718190de412fe975d4cdc5a49bad2d78cedeb5f1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"1b601ea80d57dcafd1f2fa7ea80b9bb6:1668093400.42593"
content-length
60795
content-type
image/png
106530.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/106530.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
540b0eb6b350abc04a49900c1657c23ef076c3ebe063c1b4152b74fb639da928

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"69f06896354ce05cd7cbd1c867da632c:1668093400.437502"
content-length
62470
content-type
image/png
89402.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/89402.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a79bf273bb7741d5756c135d9f9c487beea96c942f1936dc7a6155ae634d76ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"d04b34dae8ab3bde899dbc5530141992:1668093400.510218"
content-length
50611
content-type
image/png
111701.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/111701.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0299ed9e0a92465371f16e00103bf5f88c539eb5350a112859e8e141d9c7f828

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"873674ed05625cfd7d6836739ffce60a:1668093400.509906"
content-length
53963
content-type
image/png
109493.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/109493.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d8684f3e89e8fcd27f22b3241b7d0c2f9d0f3afebb2ac7647df05bf1049c277a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:41 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"49a054133959c050f3aeb0d422ada713:1668093401.12289"
content-length
65219
content-type
image/png
115649.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/115649.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3b1708709624646711c38e000ad6e90b19b48e25893bfab9978589c0259bba0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"b951e77991708c4bc64d2fb1b3bd44d5:1668093400.412434"
content-length
65390
content-type
image/png
102222.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 15E6 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/102222.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bf7056d5d008c7f1efae8a41645921911e3e2875341cd456dcbbb16847c06c14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"68b96c230380cad262ee327e49c5e8bc:1668093400.480362"
content-length
64282
content-type
image/png
2023_NFLH2H_OH
gsm-adverts.betstream.betgenius.com/widget-data/ Frame 2CAF 		15 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://gsm-adverts.betstream.betgenius.com/widget-data/2023_NFLH2H_OH?culture=en-US&productName=MGM
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/xhr-event-proxy.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
istio-envoy / Express
Resource Hash
22ee92569b468e5a3e5ef96096d34c4d0ac88de34cb2472441e0a463971def2d

Request headers

Accept
application/json
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
content-encoding
gzip
server
istio-envoy
x-powered-by
Express
etag
W/"3a32-5smAbAuW9Dm27h2TUoLQRCjG63Q"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
6
content-length
2342
82959.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/82959.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
db8c8b622eba81f568dfafa8589d94329439d9f1c1812277aba700170265883f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"cc162a25b947c807dfeb3332dc52b46d:1668093400.445788"
content-length
64547
content-type
image/png
86068.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/86068.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5c93797724bba4ec5b5a3f5663150c84b0a23799efbe78d9e46372e76dc6763f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"0f20501fd02a21086a4d4da698ab2c1b:1668093400.509038"
content-length
57838
content-type
image/png
113372.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/113372.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d2e67dddc94d14f2a05d20e582d325cc5be65dd9bcd16d446a7164727b5fce87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"eb483f922d0c1134685c4ac90ac3bf72:1668093400.517485"
content-length
54944
content-type
image/png
112016.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/112016.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aac033e01ef2e328729a0727c202379dbcc91ccab10732b02a6a958cb5833319

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"d957ffcf76bd9d4c8344993405b00176:1668093400.473638"
content-length
56127
content-type
image/png
104405.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/104405.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a8e309e5f3097d6ab1acbed1a0c14ae969e9c17cb0dbb8f2dd621bc069bb3d9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"6a4c522553595e37e991e6808c0a32d3:1668093400.594033"
content-length
57800
content-type
image/png
93331.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/93331.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7e949a839200592403a7a636c40a479a3ff25908badd1c6c2ae04b7a3702c366

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"46684c48e6cb2805513e150ed96fd17f:1668093400.433952"
content-length
49053
content-type
image/png
102450.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/102450.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
aca85cbd7bf3cbcd99e10552b9c13253881d78da433dcaccfe4a80029cd8309b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f2f7f11562a700ea0a05f0071d19ff02:1668093400.501133"
content-length
64366
content-type
image/png
102649.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/102649.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1c54f0f71a8acc4dd4ff46214771f0157b670d0599d91244c811ff7c00eb69a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"f0990d8a13bc7b8bb98a36b427be96ea:1668093400.454494"
content-length
63659
content-type
image/png
84868.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/84868.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
08f76100e39b8cacb23256ba65f949daa06c5541e7851d6e124f5e50459932d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:41 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"580793c78bcc357278ce1c0635a92eff:1668093401.123935"
content-length
65486
content-type
image/png
105059.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/105059.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
079e94b7bc05d9eafcdbe460b053e04cc4bad24848ad8e66c2dd9d6f07e16d4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"98da0b4b2473c0f9e88d08dea209a077:1668093400.422807"
content-length
48303
content-type
image/png
92305.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/92305.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
dc2c49a20d1cc22ad98b6d26f43be4d5eb33dc0d17b0e04dcc9dab3c5ecf3741

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"3a4efc0273693af91f2d7154ce43430c:1668093400.433842"
content-length
60000
content-type
image/png
86237.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/86237.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
752e07d99c607e33dc79ed57a664983cdf1ce5719a162d60619eb3ba9f34ee4e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"a158178575e4da024a4fbb3d968ad0ba:1668093400.474583"
content-length
64461
content-type
image/png
121182.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/121182.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c1c001fcacb2f53265674bfa125f81bef666729fbd0e0493bf5e67b3b20cd7ca

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"15503c447bf0b4ec439a4623b4ad5ff3:1668093400.494388"
content-length
53784
content-type
image/png
119191.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/119191.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
b31463af176eed7d861b071718190de412fe975d4cdc5a49bad2d78cedeb5f1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"1b601ea80d57dcafd1f2fa7ea80b9bb6:1668093400.42593"
content-length
60795
content-type
image/png
106530.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/106530.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
540b0eb6b350abc04a49900c1657c23ef076c3ebe063c1b4152b74fb639da928

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"69f06896354ce05cd7cbd1c867da632c:1668093400.437502"
content-length
62470
content-type
image/png
89402.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		49 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/89402.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a79bf273bb7741d5756c135d9f9c487beea96c942f1936dc7a6155ae634d76ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"d04b34dae8ab3bde899dbc5530141992:1668093400.510218"
content-length
50611
content-type
image/png
111701.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/111701.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0299ed9e0a92465371f16e00103bf5f88c539eb5350a112859e8e141d9c7f828

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"873674ed05625cfd7d6836739ffce60a:1668093400.509906"
content-length
53963
content-type
image/png
109493.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/109493.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d8684f3e89e8fcd27f22b3241b7d0c2f9d0f3afebb2ac7647df05bf1049c277a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:41 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"49a054133959c050f3aeb0d422ada713:1668093401.12289"
content-length
65219
content-type
image/png
115649.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/115649.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3b1708709624646711c38e000ad6e90b19b48e25893bfab9978589c0259bba0a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"b951e77991708c4bc64d2fb1b3bd44d5:1668093400.412434"
content-length
65390
content-type
image/png
102222.png
gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/ Frame 2CAF 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gsm-adverts.betstream.betgenius.com/resources/MGM/assets/competitors/americanFootball/helmets/102222.png
Requested by
Host: gsm-adverts.betstream.betgenius.com
URL: https://gsm-adverts.betstream.betgenius.com/javascript/externals.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.127.91.228 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-91-228.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bf7056d5d008c7f1efae8a41645921911e3e2875341cd456dcbbb16847c06c14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gsm-adverts.betstream.betgenius.com/singleadvert?c=MGM&cm=2023_NFLH2H_OH&competitionId=296&size=300x250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
last-modified
Thu, 10 Nov 2022 15:16:40 GMT
server
AkamaiNetStorage
accept-ranges
bytes
etag
"68b96c230380cad262ee327e49c5e8bc:1668093400.480362"
content-length
64282
content-type
image/png
csync
sync.spotim.market/ Frame ED85 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.spotim.market/csync?t=a&ep=696268&extuid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415&us_privacy=1---&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:33 GMT
Server
Adtelligent
Etag
afb42d02c4c3c298
Content-Length
43
Content-Type
image/gif
n1.js
assets.a-mo.net/js/ Frame ED85 		32 B
145 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/n1.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?gdpr=0&gdpr_consent=&us_privacy=1---&cb=%20https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D696268%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6813:9e13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
via
1.1 2c00b6f1d42245c6c3867cc4dfa7f32e.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-cf-pop
BOS50-C3
age
432
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
32
last-modified
Thu, 17 Aug 2023 15:48:19 GMT
server
cloudflare
etag
"a8b2f555a0227aec5e980e5ec98f6d15"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cf-ray
8012cfad8a2f4bcf-BUF
x-amz-cf-id
UzbCBp9a0d8T4M4WiOFJifbWtLbs0bh-eLIhcPOkwtzMWDa_bBa6_w==
expires
Mon, 04 Sep 2023 03:30:33 GMT
/
csync.loopme.me/ Frame 86B1 		0
0
tp_out
d.adroll.com/cm/index/ Frame 86B1 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:33 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
bridge
cm.adgrx.com/ Frame 86B1
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:36 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:36 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794636404057-110
CookieIndex
rtb.adentifi.com/ Frame 86B1 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame 86B1 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0ec683005.edge-va6.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+C2oIb/vR7A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dcm
s.amazon-adsystem.com/ Frame 86B1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H45F1FG0XA4T1BSNGSQD
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 86B1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 86B1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame 86B1 		43 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43898
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cfafa84939c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:34 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B76
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D540290843%26val%3D%24%7Bssky_uuid%7D&_cvt=t
  • https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.a578a0594ed8463abced9985b60a096e
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.a578a0594ed8463abced9985b60a096e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=540290843&val=d6.a578a0594ed8463abced9985b60a096e
date
Mon, 04 Sep 2023 02:30:34 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame 4B76
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=641&userId=fa99e75b-d1a7-01d5-0ee5-61c210565a8d&redirectId=2257
  • https://us-u.openx.net/w/1.0/pd?plm=3&ph=b9be4168-e450-46a9-a2f2-8e12fc5e4de6
  • https://match.deepintent.com/usersync/108/
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:34 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame 4B76
Redirect Chain
  • https://dmp.brand-display.com/cm/api/openx
  • https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fcf21a0-5429-cdf4-fa82b175
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fcf21a0-5429-cdf4-fa82b175
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://us-u.openx.net/w/1.0/sd?id=539237773&val=4fcf21a0-5429-cdf4-fa82b175
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
103
ox
match.justpremium.com/match/ Frame 4B76 		43 B
202 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.justpremium.com/match/ox?ex_uid=cc848cb4-fddc-0f4f-0a45-e4f8a1423ed1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.19.69.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-19-69-24.compute-1.amazonaws.com
Software
/
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
content-length
43
content-type
image/gif
sd
u.openx.net/w/1.0/ Frame 4B76
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=81&gdpr=0
  • https://u.openx.net/w/1.0/sd?id=540394477&val=990277896830277133&gdpr=0&gdpr_consent=
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/sd?id=540394477&val=990277896830277133&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://u.openx.net/w/1.0/sd?id=540394477&val=990277896830277133&gdpr=0&gdpr_consent=
date
Mon, 04 Sep 2023 02:30:33 GMT
content-length
0
merge
ce.lijit.com/ Frame 4B76 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=76&3pid=eaeb9c84-40d9-0f28-1fe7-d468d88642b9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=bb3dfa1e-28f2-4379-aa01-73e27cdce2ee&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.238.254 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ewr1
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
vevent
nym1-ib.adnxs.com/ Frame ECE4 		0
661 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://nym1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&e=wqT_3QK3DPDtNwYAAAMA1gAFAQjEgtWnBhDIy-WNw_uRk2AY-6PpjMqS55gjKjYJT57B7eQZzD8RppvEILByyD8ZAAAAoEfhGEAhyCk6kst_yD8pKVyPwvUozD8xAAAA4KNw5T8w_JHNDDjwO0DMFUgCUJe0z8wBWOPHWWAAaKawZHjtygWAAQGKAQNVU0SSAQNVU0SYAdgFoAFaqAEBsAEAuAECwAEFyAEC0AEJ2AEA4AEA8AEAigJpdWYoJ2EnLCAyMjM1NjMwLCAwKTt1ZignaScsIDgyMDQ5MzYsIDApO3VmKCdnJywgMjA4NDMzMjIsIDApOwE9PHMnLCAyODM5NzA5MzgsIDAJPzByJywgNDI5MTIwMDIzBRb0dQGSAqkFIUdZR01ud2pidDlJYUVKZTB6OHdCR0FBZzQ4ZFpNQUU0QUVBQVNNd1ZVUHlSelF4WUFHQkxhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVDcUFFQ3NBRUF1UUVwclgtbjlpak1QOEVCS2ExX3BfWW96RF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQmlPWDBBX1VCQUFCQVFKZ0NBS0FDQUxVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSUREZ2lLakt3cUVBSVlBaTBBQUFBQW9nTU9DUDdHN2k0UUJCZ0JMVUtmX0RpaUF4TUl2cXYzTFJBS0dBRXRyNmtFUURJRGRXNXhvZ01PQ0lxTXJDb1FDeGdDTFFBQUFBQzZBd2xPV1UweU9qVTBPRFBnQTdSRWdBU0YydEFLaUFTLTI5QUtrQVFBbUFRRXdRUUFBQUFBQQH4BE1rEfUB-ARSQgEHMEFBQWdCcEEyQVFBOFExIVBBQUFJZ0Y2eXFZQmZxYXRJY0JxUVUBFgE4EHdQN0VGAQoJAQhEQkIdNwB5LigAADkyKAAAWhUowFBBXzRBWHdxd0h3QmJxVy1BbjRCZTY1aUFHQ0JnTlZVMFNJQmdDUUJnR1lCZ0NoQmcJajBBQWhBcUFZRXNnWWtDHXQARR0MAEcdDABJHQzwQ3VBWUt5QWNBNEFjRDZBY0E4UWNBQUFDZ21abTVQX2dILWRNSS1BZmgxd2o0QjU3YkNQZ0hzdjBJmgKZASFjUkxhQkFqNq0CKE9QSFdTQUFLQUF4EZ9YQ0VBNkNVNVpUVEk2TlRRNE0wQzBSRWsNHwxEd1AxPYAARhEYDEFBQUcdGABHHRgASA0YIElBYVFIZ0FpUQ0QAUz0KgF3Li7YAsrTAuACi6086gI-aHR0cHM6Ly93d3cuc2hlZmluZHMuY29tL2NvbGxlY3Rpb25zL3dhbG1hcnQtcGFja2FnaW5nLWNoYW5nZS-AAwCIAwGQAwCYAxSgAwGqAwDAA9gEyAMA2AOP9CPgAwDoAwD4AwOABACSBAkvb3BlbnJ0YjKYBACiBAs5Ni45LjI0OS40NagEALIEDAgAEAAYACAAMAA4ArgEAMAEAMgEANIEDjI3NjQjTllNMjo1NDgz2gQCCAHgBADwBJe0z8wB-gQSCQAAAGB_cUVAEQAAAAAiuVPAiAUBmAUAoAX___________8BqgUgZGU3YmMwMThmYmY2YzZkOTE4OTk1ODdhYTYyMTkyMzDABQDJBQAAAAAAAPA_0gUJCQEKAQE02AUB4AUB8AXDggr6BQQBpiiQBgCYBgC4BgDBBgEhMAAA8D_QBpgK2gYWChAJERkBoBAAGADgBgHyBgIIAIAHAYgHAKAHAboHCCoEMS0tLUAByAftygXSBw0JETMBMQjaBwYBaKAYAOAHAOoHAggA8AcAiggCEACVCAAAgD-YCAHACMrTAtIIBggAEAAYAA..&s=c800fee465ec2a7f51f9b11234a8d8ff2376b224&type=nv&nvt=5&jm=1003&px=801&py=6794&bw=728&bh=90&sid=1437780071776499061&vd=ct~0|rr~0&sv=239&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=26429692&sw=1600&sh=1200&pw=1600&ph=15884&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:33 GMT
an-x-request-uuid
ab23e83c-e88b-43a6-9cfc-0181eb1f5b86
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ozNvBHxxVmNxY1pGVlViYnE4ZGJZejhRakRpZUhYbUhZUXhqeit6RFRtNWNtWlZSWnhReGdqK21ad2w2UUtkR3oxVUIxOG1sYW9pTVg1S0M1Y3E3cDI2RDNtejVsZFVwL0xIempLcWtQS1hJNnd5czlxKythcEtMWnZ4NHN4QlJvUEpkdnJINExuYWROdkNlcGZZYjk3dTlSb3B2N3ZFbTlQNGZ2Wml1Y1ZrTTMyVHlyYTFOQVlSaVB5OHJ4aGx1YUJXTDNZV1EyYjZkY1FjWTkxeVQ5dGRsd1kyQUxINjVtVStDNUNBdFNiL1cwb1c2TTczUjRieDd5SzU3SVRlZXk0SGlvbFpsT2haV00rMVJWNUs3VThlVFVGZW16dkNqeU8vY0pvZjZoamR2MGhxZz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
187392
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sync
vid.vidoomy.com/ Frame F0A5 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:34 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AVm7sQ+0NZb/NTwKAA
x-77-nzt-ray
49be1408ddd78f3f4a41f5640ca6c804
x-77-pop
newyorkUSNY
x-accel-date
1693123861
x-accel-expires
@1694160661
x-age
670773
x-cache
HIT
sync
vid.vidoomy.com/ Frame 9023 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:34 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AVm7sQ8cOlX/NTwKAA
x-77-nzt-ray
49be1408ddd78f3f4a41f5647af9e304
x-77-pop
newyorkUSNY
x-accel-date
1693123861
x-accel-expires
@1694160661
x-age
670773
x-cache
HIT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4798 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=2138938937412773&bg=!8vGl8b7NAAYHwnCgJ8I7ADQBe5WfOBg43nCjJg-10ii1h9YB1u3AdoaPTX2gXJfr4cSBaasBLItRj00jx2cA0COfdNSRAgAACdZSAAAAlmgBBwoAjXM5lIrlWs-sC6BnboXWVUU-w9FkQPqQyVeU9-jKnr8qpnS0gp_ML6IE6F1Gfu62knMCiDT6pNNg-Pv5wY-ptxzZzcqe7JGVTyzErwAXODzNU3lKv5B6f-6kG8fyzR8EttwMA7qqchUV1LK6O8eqDUejBZi7wusDzCxWWgcwY7D8L0MMo0flRPCGWtSJHZkC044zCsQZiPABrTYyTMQ1xXCs3jMZ29USqUU8NI_QAeDk7STSlHUeyD5QMBtyjYq36S6uiRouaSKODZ6t2WQ6_ENy9Jk-lLNGfKR1qUljxvMcNy1sWRKHIjD4RlClQS4TpBmVRaxA89CZFS502w7yvtZwu0tTVkgfqWN8v3DOc3YMusoR7vxRqBuQvaj765kdB891rG3WEIAjk9hlNKRmadY51lvDZwEnY0TFWUnB3I7LbvxBn3T0EleKxX8s-skJU-e_23TOSHVaWKjojun8R10X6nKtt81v4tIwxv3yj3kA1QHXK9Q_ONXPYaDstAuKRBlvycJh9tX-iugmRiKojLHlm-HnOl1hw8CEhSAIGPqcTN2_5vVFRrFBI3HmBEzzC9a-m-SDWPoV2tYzvY4BONBGqZUJdyBQiveNgmN5qpBW9nED-d94otV6XGqfGTlLAF6ExsYqSL1IkUZd62aRor0ThRmt5u0CVvhnrhbOLlxTUULZ-UltYfwPd3oxq5MsbKNQaTMMaJa-nZDPPwb9tTEzfc_JRR_wfra3-TOTdai3QngGs6draiUhVZceW2e5Uay0BCOR6hn-7CQuJ__ioYs7adEk7YSY2gqbOrxH3_lrj7yyULke_FZYQ_tURWrnIDW8QOOZ0bSqQXrgWcjp3q6W65jNeOiFiloJB7H6lXWBxwFM_5ZvWYZ6vPiBEK6x8SEQCGshsf0hpZgXKFyZvf_5nQ_dBc-VkV7ukdlP4QbHAbfWLmg2aCDx4HkDRHQqZOykIKhu-a8UiGOPQUM332aa7X1GizFcC77j5bK-9gQn4Oiv2dLuVJ_8JKzfJEhfWWaAl14HwL4i8V3cTqR8bR24vYBrHSxZ3vQ4zNU42EBfI0gPPcRQWHD_2ypWqQKp0ARgmJO96OyEv9cfcw9doXh3thy5hOMg_TB0ikoleieGx1rs7XlcKYaQQcsdjhGg8m7GJg
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1B6B 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 1B6B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
H8KBGXQX0CZQ6QCSSQKT
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
csync.loopme.me/ Frame 1B6B 		0
0
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 1B6B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieIndex
rtb.adentifi.com/ Frame 1B6B 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
tp_out
d.adroll.com/cm/index/ Frame 1B6B 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:61c0:2205:2eec:2094:b091:c76b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
bridge
cm.adgrx.com/ Frame 1B6B
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794634257085-266
usermatchredir
ssum-sec.casalemedia.com/ Frame 1B6B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=484
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 1B6B 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43898
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cfb008e139c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:34 GMT
usync.js
eus.rubiconproject.com/ Frame 8A37 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:34 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57906
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=ff061bdb-df71-a3df-20c9-b0ff12d77dda&tv=%7Bc:naA9i8,pingTime:15,time:16822,type:p,clog:%5B%7Bpiv:84,vs:i,r:,w:300,h:250,t:963%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:16822,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:963,wc:0.0.1600.1200,ac:980.991.300.250,am:i,cc:980.991.300.250,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15875~75%5D,as:%5B15875~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:891,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j*.930203%7C1j1%7C1k.930203%7C1k1%7C1l.930203%7C1l1%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q6%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1y.930203%7C1z.930203,idMap:1j*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:963,sis:1846%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
nginx
x-server-name
dt16.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sd
us-u.openx.net/w/1.0/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/108
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:33 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/112
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:33 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
rum
dsum-sec.casalemedia.com/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/150
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=176&external_user_id=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:33 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
sd
us-u.openx.net/w/1.0/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/126
  • https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
43 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537138692&val=di_a1f61cad865644a2aaed7
date
Mon, 04 Sep 2023 02:30:33 GMT
content-type
image/gif
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
store
match.deepintent.com/usersync/121/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/121
  • https://thrtle.com/insync?vxii_pid=10036&vxii_pdid=di_a1f61cad865644a2aaed7&vxii_r=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F121%2Fstore%3Fid%3D%24%7Btid%7D
  • https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:33 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

location
https://match.deepintent.com/usersync/121/store?id=b39bf5f8-aaf7-4a0e-9dff-892214b25ffc
date
Mon, 04 Sep 2023 02:30:34 GMT
content-type
text/html; charset=utf-8
content-length
110
p3p
CP="NOI OUR BUS UNI COM NAV"
v1
match.sharethrough.com/sync/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/129
  • https://x.bidswitch.net/sync?expires=720&dsp_id=422&user_id=di_a1f61cad865644a2aaed7
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
68 B
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
52.73.129.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-129-194.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=54d10197-cb46-413a-91f9-8e6ea8d9de90&seat_user_id=&seat_key=&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Mon, 04 Sep 2023 02:30:34 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
csync.loopme.me/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/147
  • https://id5-sync.com/s/987/5.gif?puid=di_a1f61cad865644a2aaed7&callback=https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F4%2F2.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
0
0
store
match.deepintent.com/usersync/106/ Frame 9AEB
Redirect Chain
  • https://match.deepintent.com/usersync/106
  • https://cm.g.doubleclick.net/pixel?google_nid=deepintent&google_hm=ZGlfYTFmNjFjYWQ4NjU2NDRhMmFhZWQ3&google_cm
  • https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
Requested by
Host: cdn.deepintent.com
URL: https://cdn.deepintent.com/syncpixel.html
Protocol
H2
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cdn.deepintent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/gif
date
Mon, 04 Sep 2023 02:30:34 GMT
server
a
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://match.deepintent.com/usersync/106/store?id=CAESECEklRmdvwVXa5fXgC5dIzs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getuid
ib.adnxs.com/ Frame AF10
Redirect Chain
  • https://b1h.zemanta.com/usersync/prebid?gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Doutbrain%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26...
  • https://sync.outbrain.com/sync-external?uid=tBqhGL_SEgdE6TJQpXUm&redirect=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJ...
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fca...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWU...
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/prebid/callback/?d=NB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFU...
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fca...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcall...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fca...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fcall...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fca...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWU...
  • https://sync.outbrain.com/cookie-sync?obhb=https://b1sync.zemanta.com/usersync/prebid/callback/?d=NB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFU...
  • https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fobhb%3Dhttps%253A%252F%252Fb1sync.zemanta.com%252Fusersync%252Fprebid%252Fca...
  • https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJM...
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWU...
0
0
tap.php
pixel.rubiconproject.com/ Frame 162E 		42 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=t1ROgcMqtCvVjOomcUTWlmJsXWrOBQi7XCeiaulK1_0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cookiesyncendpoint
sync.aniview.com/ Frame 162E 		0
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aniview.com/cookiesyncendpoint?biddername=20&pid=5e0e296628a061270b21ccab&key=t1ROgcMqtCvVjOomcUTWlmJsXWrOBQi7XCeiaulK1_0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.210.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-210-147.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
content-length
0
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=930203&asId=36a09f01-2200-3f12-2021-6c6fbce8b9d7&tv=%7Bc:naA9kE,pingTime:15,time:17075,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:970,h:250,t:1383%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:17075,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:1383,wc:0.0.1600.1200,ac:320.235.970.250,am:i,cc:320.235.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B15711~100%5D,as:%5B15711~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:707,fm:tOQRB7P+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e111%7C1e112%7C1e113%7C1e114%7C1e115%7C1e116%7C1e117%7C1e118%7C1e12%7C1e131%7C1e132%7C1e14%7C1e15%7C1e16%7C1e17%7C1e18%7C1e191%7C1e192%7C1e1a1%7C1e1a2%7C1e1b%7C1e1c%7C1e1d%7C1e1e%7C1e1f%7C1e1g%7C1e1h1%7C1e1h2%7C1e1i%7C1f%7C1g%7C1h*.930203%7C1h1%7C1i.930203%7C1i1%7C1i2%7C1j.930203%7C1j1%7C1j2%7C1k.930203%7C1k1%7C1k2%7C1l.930203%7C1l1%7C1l2%7C1m%7C1n%7C1o%7C1p11%7C1p12%7C1p13%7C1p14%7C1p15%7C1q1%7C1q2%7C1q3%7C1q4%7C1q5%7C1q61%7C1q62%7C1q63%7C1q64%7C1q65%7C1q66%7C1q7%7C1q8%7C1q9%7C1r%7C1s1%7C1t1%7C1t2%7C1u%7C1v%7C1y.930203%7C1z.930203,idMap:1h*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:1384,sis:2133%7D&br=c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1bdf:bb4:db51:110d Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
usersync
usersync.gumgum.com/ Frame 5956 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:34 GMT
Expires
0
Pragma
no-cache
async_usersync
ib.adnxs.com/ Frame 3FEA 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
an-x-request-uuid
b249813a-8e90-4744-806f-519cc5511641
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 260D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszES2qf5I6YIm9FATrgtCKENMmOXJtxYhGuHe3nzpZ-auQiYVWfaDlnVk26B1Tt1IvRr9WyKRrh5GhfQi5wftqnQBfLj5qhflX_DmaQe9y-I9sbY5H7v5gpl8w_2S-D07rMmHGidRDIyDc2qmvjWgzQFUsVEVi2r76jVMPDYv0zCBAYMiDJv2hIBhkZmtx2FfKsCvCVXDuH-6RylAMx301IRu-TmJ1z_rE5mmBflNmzkFsYTerZRKv_uSOAsNls7PArhxyMjLToySbB09dnNgBrm3pN13CxRLRsWNKiOdHreM6qTEzHSC2ve2zb9MjSP20AN3mZWXt48AJ8A&sai=AMfl-YQlXkA-soD22cSxwI6gIcgKuMdJ06jWKrHeQ9R7CX-ZKvNjK0AG37-Z-OUfmCMhgytC198bt7dIWtNe8P1lgfvotNhFO-vUDw5BnNSXPgP-BfKsSCeyJyegjklALac&sig=Cg0ArKJSzGUtCJyJyjbQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6A0D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvxYX32cc6jEM4i6kK7hJLiFwzE91RhAUChe3DGrb-eLttFik_8h_knPO4rGioDtZMO0ujYYYSMctmgqPXLrGgiQha0_CqnC3z8xEa6G8ZKKZPNwhuksd43Pf4XSHrkuqt8jlr63MzRaFjIcimVsTWvuGYuNdUKOGQWqLa0Rs5KUN-daugNzbSynQwEo_5vzjWnyyIemYSjEr7DHcWJJQjZgbLwYy3L6oQpYwLW7jcCb37czfDg63h9gvE9QtP669BxKbI7B7IX7K3L5FfxNfgQlnZLNt1hKg3FHl77kmJOObwAwuInM0_5pky5yIYyObcmyU-6HwKkO_SXoQ&sai=AMfl-YRNVjOrKRgRXm9F55z2tK1G7vZ39iINya1J6iL9UOZ9IQXQ8VeFtebm1x-aZNNXZF-3OhLPcPcRmSjSOdRtimchjE1P-u6C8y0zWxX6mcGRSEp8VYRRC63UrrxPTMI&sig=Cg0ArKJSzApb2Ah5r0g1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B3F9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=1264610274171070&bg=!ZmWlZSrNAAYHwnCgJ8I7ADQBe5WfOF6IWnKkm-AZuPnDtm6mY0rZkn9y0y6aIyUWqtBPk8E3tFpHPTbcgUlCo7Bz9KTWAgAAB4hSAAAACWgBBwoAhTE_FsP0RiebIfE4g669lMzfWsnkSk2kz4v-9B5YCzbPL6BqlDX4eNW7Gi12EPmSLoUaZgPQK1yVhPpe80EurHyZm9NzsHeznELSiUGCR3UvdmRClpF4YlhM822ZAXrjzH6aW0VfJWxue7CUIzLhAzTemR0pCkkzoSANRy9HUCj11qj4-CiZAtjtcKtWXcj9DZMk-j5tBvbG0GsSdW3sj5mmfoWUMOYhhz6ShHJbr4cyo1Y0qAUwiMd2UimezoZXhXdA9naCJ23hkmIDdXO16NDKt09w4YzV91N_Gwang5RzRor-HkGoaarVEkMf0FKYGDB7ZgGefzAIw_8-FNBGdE0eOlSnLFAhnQ-V5klAyXADaPUZHBnVvJl4rWNKe3MSkNDjIPr57JpkV0MqFuV_mU2fk8bnB760_kW5Bjwtb3uM_AcsAoD29EYpezUBtUFlXQKlTmpnzFy6yP3ZOgdsouW8Pe6wBtCuz6Tw1_6xFKvUKUWC4jrUAZ5RuuYDI88KRgjwLcdA4-WY5pn159lY3UDfmimFeGOrXXCFkDZljmSM_UOaiMvX0qpJu9cvb0cavFiI2JAYFCiQeRkxL6BVOOpJV--XbO_sD0pF9_60YU6hBRwAji_ao-KTPlhR8x15_mAECsefl0zI7qNNnLzxXtUgOoemqC8mtWDyqBWO2VkMW0bZqo3tbT_uOKPxGjNfl6_ar71gcIAWBUeTPxUFLqD9YrVsvYr87w24LXZpKPkjArPwOkntWf6a3sLGjlPFr_8WdDCWPqcLGsTV0xEh_o2KZts3tOvfp6NC6rfSFWgwRk8jG8DcoDQ-cee5LAcTdZKif8I75OznhbOdvGHZCMRGIMZaetjXVNsfd_rju4yEIqpj0K4Ry4KJfBEFSgvQqZV6yXlumAfZJpCwn6MFnJS71BcjOvUigk0ZCTs3q11TcIgm3bDWHSEivLW_TBLVtOtwnGTrKzCKmIIK_4nLs_dwGMIbfbjwAYFq9O0-6hqxc_33KZ0uyfLb7b1mnfJexqAFVpWm_zOnbhFDWdJ3Wt2ynWuSJpul0cNUVxQEymETAp4yyMzamxX_i1YVdaGdaILoNPFuAeFONCS1tXsTW67jkji5OuCSZ6i3_ADVBFiYoHYayBIuKAnyHmij1z5j7w
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
mut
ghb.adtelligent.com/adunit/ Frame 63B3 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/adunit/mut
Requested by
Host: p.safeservingcdn.com
URL: https://p.safeservingcdn.com/prebidlink/y19604/hbw_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:764::2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://p.safeservingcdn.com
Date
Mon, 04 Sep 2023 02:30:34 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
track
track1.aniview.com/ Frame 6B73 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.shefinds.com&sn=&cd1=sp_BbylgSbK&cd2=Desktop&cd3=conversation&cd4=e3a6c02f-3821-4966-b815-070e1fd3f4b8&cd5=SoAVV-Ud9yTbvFg4rxTIy4_VcSc9rQ4wunrhl1cAbU8kcrpvuwQ_Plid0QLP7Bvo&cd6=stable&cd7=row1-column1&cd8=sticky%3Afalse%3Btakeover%3Afalse&cd9=22607427172&cd10=v22.4.0&cd11=B&cd13=false&cd14=%5B%5D&cd15=ads&ic=0&tgt=0&app=&wi=948&he=533&test=&d36=6.2.123&apppkg=&fv=1&proto=https&clsid=a9ab569f-6750-4cab-b181-c0a028a1af60&rando=42
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5e0e296628a061270b21ccab
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.209.40.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-40-124.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
usermatch
ssum-sec.casalemedia.com/ Frame B481 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
2ab012f16ec92d2a2ea53fd1149ccac6ad7f9829fa2ccae5badf9dc3ebe0e147

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Type
text/html
Date
Mon, 04 Sep 2023 02:30:34 GMT
Expires
0
Keep-Alive
timeout=1, max=483
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Transfer-Encoding
chunked
async_usersync
ib.adnxs.com/ Frame DB7B 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
an-x-request-uuid
7fa05d62-6959-4e51-9f7f-e5edc4a1c3be
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 0FC6 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=7664&pub_id=1165391&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=7664&pub_id=1165391
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
an-x-request-uuid
b196ccbc-48fa-4992-9329-a082c1f75c4c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
user-sync.adxpremium.services/ Frame 8356
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
86 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
setuid
user-sync.adxpremium.services/ Frame CC19
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
86 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
bridge
cm.adgrx.com/ Frame B481
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794634868055-312
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B481 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usermatchredir
ssum-sec.casalemedia.com/ Frame B481
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
43 B
631 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=482
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEIY7nmWa_70X4n00JdPhgzM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
dpm.demdex.net/ Frame B481 		42 B
940 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468?gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.1.195.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-1-195-92.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v049-0933d5655.edge-va6.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
uR6AzGPJTpU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B481
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gdpr_consent=&us_privacy=1---&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:a115:6438:daed:9613 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
date
Mon, 04 Sep 2023 02:30:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
dcm
s.amazon-adsystem.com/ Frame B481 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=1---&gdpr=&gdpr_consent=&id=ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.128.147 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YNYN29T4BPA2QGBQVT9S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
CookieIndex
rtb.adentifi.com/ Frame B481 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.152.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-152-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
/
csync.loopme.me/ Frame B481 		0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame B481 		43 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZPVBNe7xTpdYaMRGxHT2EAAA%26468=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.shefinds.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.149.180 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
43898
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
8012cfb3efbf39c6-YYZ
content-length
43
expires
Tue, 05 Sep 2023 02:30:34 GMT
usync
ssp.api.tappx.com/cs/ Frame F65B 		0
429 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.api.tappx.com/cs/usync?idmn=1111&type=iframe&id=A7298272160482644129&auxuid=
Requested by
Host: sync.adkernel.com
URL: https://sync.adkernel.com/user-sync?zone=200784&r=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D1111%26type%3Diframe%26id%3D%7BUID%7D%26auxuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
35.245.208.4 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
4.208.245.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sync.adkernel.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Sep 2023 02:30:34 GMT
server
nginx
transfer-encoding
chunked
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 63B3 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:34 GMT
generate_204
tpc.googlesyndication.com/ Frame 93D9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?cCfYYA
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:34 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
match
ps.eyeota.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MmF3eGRPdG5EcXFVck5ZenR3c0VHb0x5clkzWGktMmlaR1pUdExja2ZVNDQ&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEBV92U7_8josOqpeCq3WzFo&google_cver=1
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEBV92U7_8josOqpeCq3WzFo&google_cver=1
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:35 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&referrer_pid=51md42u&google_gid=CAESEBV92U7_8josOqpeCq3WzFo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
375
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
ps.eyeota.net/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://ps.eyeota.net/match?uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&bid=1e2n4ou
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:35 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?uid=3175ac58-0d9d-47aa-b429-d8f42e050f30&bid=1e2n4ou
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Kestrel
content-length
191
match
ps.eyeota.net/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=Eyeot
  • https://ups.analytics.yahoo.com/ups/58773/cms?partner_id=Eyeot
  • https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Hv8QG3lE2pVtECYhLdk65gGeeyCnpruv1Gs-~A
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Hv8QG3lE2pVtECYhLdk65gGeeyCnpruv1Gs-~A
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:37 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/match?bid=bhc9gd0&yahoo_ver=2&yahoo_id=y-Hv8QG3lE2pVtECYhLdk65gGeeyCnpruv1Gs-~A
date
Mon, 04 Sep 2023 02:30:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
match
ps.eyeota.net/
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?uid=ZPVBNgANs6j7wQAb&bid=0rijhbu&referrer_pid=51md42u
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=ZPVBNgANs6j7wQAb&bid=0rijhbu&referrer_pid=51md42u
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:34 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

x-served-by
cache-yyz4578-YYZ
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1693794635.912984,VS0,VE0
x-cache
HIT
location
https://ps.eyeota.net/match?uid=ZPVBNgANs6j7wQAb&bid=0rijhbu&referrer_pid=51md42u
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
match
ps.eyeota.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24UID%26bid%3D2cr76e1%26referrer_pid%3D51md42u
  • https://ps.eyeota.net/match?uid=2535980227366638075&bid=2cr76e1&referrer_pid=51md42u
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=2535980227366638075&bid=2cr76e1&referrer_pid=51md42u
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
34.197.192.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-192-192.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/gif
Date
Mon, 04 Sep 2023 02:30:37 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:37 GMT
an-x-request-uuid
c15b1367-5594-4537-93a6-ae19c3ca9c86
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ps.eyeota.net/match?uid=2535980227366638075&bid=2cr76e1&referrer_pid=51md42u
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9596 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101332
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:35 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E82E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101332
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:35 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
setuid
user-sync.adxpremium.services/ Frame 8356
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
content-length
86
content-type
image/png

Redirect headers

Date
Mon, 04 Sep 2023 02:30:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid-server.rubiconproject.com/ Frame AF10
Redirect Chain
  • https://csync.smilewanted.com/getuid?source=prebid-server&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dsmilewanted%26gdpr%3D%26gdpr_co...
  • https://prebid-server.rubiconproject.com/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=de826e317f70a0b3dfe489aa3aeab830
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=de826e317f70a0b3dfe489aa3aeab830
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

date
Mon, 04 Sep 2023 02:30:36 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
location
https://prebid-server.rubiconproject.com/setuid?bidder=smilewanted&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=de826e317f70a0b3dfe489aa3aeab830
access-control-allow-credentials
true
cf-ray
8012cfbc88e3398a-YYZ
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
setuid
user-sync.adxpremium.services/ Frame 1CB7 		86 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 04 Sep 2023 02:30:35 GMT
syncframe
gum.criteo.com/ Frame 1A7D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.shefinds.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 02:30:34 GMT
server
Kestrel
server-processing-duration-in-ticks
639820
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.134.js
static.criteo.net/js/ld/ Frame 63B3 		89 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.134.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.134.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:15:33 GMT
server
nginx
etag
W/"642e8db5-162ff"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 05 Sep 2023 02:30:35 GMT
urlsvid.json
vpaid.vidoomy.com/sync/ Frame F0A5 		1 KB
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.36.23 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
137173278.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Mon, 04 Sep 2023 02:30:35 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
670297
x-accel-date
1693124338
x-77-nzt
AZySJBaVBjn/WToKAA
x-accel-expires
@1694161138
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
1e192d08f186f4b14b41f564a5092727
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 9023 		1 KB
840 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.36.23 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
137173278.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Mon, 04 Sep 2023 02:30:35 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
670297
x-accel-date
1693124338
x-77-nzt
AZySJBa2san/WToKAA
x-accel-expires
@1694161138
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
1e192d08f186f4b14b41f56481312c27
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
async_usersync
ib.adnxs.com/ Frame 3FEA 		0
593 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.137 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
an-x-request-uuid
e9b55f6e-f1d5-40cb-a524-b32dd8d87904
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.45; 96.9.249.45; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
report
gw.geoedge.be/api/ 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/report
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:210b:9c00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Mon, 04 Sep 2023 02:30:35 GMT
via
1.1 6886c621d4716e156349149ba8d65b40.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
content-length
0
x-amz-cf-id
y81nX9LB6mMpejPFUHFxceLX1CTN9PpfE_cNluqVSPFVFemhoAnPGQ==
x-cache
Miss from cloudfront
sodar
pagead2.googlesyndication.com/pagead/ Frame EF3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308290101&jk=287535046088818&bg=!GxilGFfNAAYHwnCgJ8I7ADQBe5WfOJxNWqrLy2tJ42gsuNcSpfDF4_Xy_OdL36OYgSa4Uo6kLOQLamNFVcPp4I7gdP9AAgAABgxSAAAADGgBB5kC1750zdEgQeo6w19AAnHvEFjKPmyVDA_gK0mHbGwPzn92BGuYl3xPLpGSv_n-9_clRXPZ_jZbvug1712UL2WGYU8Kfo3mXmFCl-_oFbMtsNRqHDdoTKPnKMb7rvxKyNoTPvsAPrFfMjPLIMIDgV9MphGc1ZIRjCg5I40JrTuQALuejQj58srU1YB0UTvIYq2Eyf56JN6TmMPoNwtMuvWdF9uQjj1MIcXB-oHix1poNtyZWDehBpSW9Y2KgN6BbIZXTMHXeqQZuiSzLu7m-0nOkLd-Kon6ZdDWS3FDRyJpYEZXTWlKNXyanC3wraCI3HqjZwsGSPdD8Jx8-KCaM2RRBd2j6oH8QT_bS3drmioTKcamn64OVPg25mtlJwB2dbaeKQAsOy13SHZO7QWlYOSBNoDUrHGBqiBgIhHhaGc4VSXo7IERnDjkKKCR2kICk9Hpfr0722DK2y3zMTus72bQNvJYjIMbKGQMzeNOkXGEaa02prudhSuJrSJxtb4Ax9Cf4Vp-Zr_kBsLAPMHW_bS69CQDUO47FshSR760Q4CXlIoA8ux31en6oWOIKC--6NbS8iJxT7nDkI1msbiSyS7RdUQB8_Yrq2qOCu93m5GmhJIssIqcFUbJEFSajdjmvAQ0u94DIpZpBxrw_a5ybTbBkpi0-GiLp9KR8J04S0Wp5OM6yChT_sjUx3EcZxpzX3GiZ9cuA71Miu1zOJ7KMdyUCOmAabdvnt1iPzoGaHyHIo8FYe-rnB661KIgqn__VmOvBg0TDjtJYv4v5I8P_JzfK-98FIuF2vIHNt1dVEDs6n1HWdGqanA9ktoHZvWgP7AZnEho-wIb6YNe8cA343jhndttZ2KPGXC-Db5wa0Vwucj550BUga9IKd69uIyPrl_oW7CwaFb-G3DjfUO5rfmLILOnUCp8DixusFiVgl2r9HTXA-DnXfsQWXJxUk2aXdrDZR03XVq25YQ
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 7A0C 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794635579
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59578, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=null
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=null&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:39 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794639814036-152
setuid
user-sync.adxpremium.services/ Frame CC19
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
content-length
86
content-type
image/png

Redirect headers

Date
Mon, 04 Sep 2023 02:30:36 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
user-sync.adxpremium.services/ Frame 1C13 		86 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 04 Sep 2023 02:30:35 GMT
sid
mug.criteo.com/ Frame 1A7D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=p.safeservingcdn.com&sn=ChromeSyncframe&so=0&topUrl=www.shefinds.com&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=Cb_VUXxSVThwZkJ3WklveVdJYjJUNDJBZ3lvdStSR09yMkg4SzZ5UExPa0FqcDZKa1g4akFad2lDTmIxbEVCQUZVZHVxOTZvckY5dDhXRG5idHlDWDBNRENtTFVQNVdTNjloVjBEZjg0Y2o4aUZ3S0U5U1gxR2pCd3U3WE...
419 B
648 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Cb_VUXxSVThwZkJ3WklveVdJYjJUNDJBZ3lvdStSR09yMkg4SzZ5UExPa0FqcDZKa1g4akFad2lDTmIxbEVCQUZVZHVxOTZvckY5dDhXRG5idHlDWDBNRENtTFVQNVdTNjloVjBEZjg0Y2o4aUZ3S0U5U1gxR2pCd3U3WERCeXJGTjFwTDk3S0VBcHNwdjRqcmN5TllYenZMWTJFVmVpQ1hBYjNnQnVuVTI3NytTaVRoOUdSNlNuQndETUdINnpPNDBuUTNZRWYyNmxQZmtOaGFSWEFnYkJucmhoSUxQRjVhOE9rZTQxN1E2Z1FnT3pTVUVuaGtDS1Q2NTlXNDQ0NUJlSm1NcG9MY2E2SWRYY3JnOG5Zcm1iYlZJcDdLdjRoSGd2bG5QY29kVGF4RkI2ST18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
23fb0abe43c67d9772bf094f05c268d7ff0a9eda86f7b090c9256535a281d500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1458512
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=Cb_VUXxSVThwZkJ3WklveVdJYjJUNDJBZ3lvdStSR09yMkg4SzZ5UExPa0FqcDZKa1g4akFad2lDTmIxbEVCQUZVZHVxOTZvckY5dDhXRG5idHlDWDBNRENtTFVQNVdTNjloVjBEZjg0Y2o4aUZ3S0U5U1gxR2pCd3U3WERCeXJGTjFwTDk3S0VBcHNwdjRqcmN5TllYenZMWTJFVmVpQ1hBYjNnQnVuVTI3NytTaVRoOUdSNlNuQndETUdINnpPNDBuUTNZRWYyNmxQZmtOaGFSWEFnYkJucmhoSUxQRjVhOE9rZTQxN1E2Z1FnT3pTVUVuaGtDS1Q2NTlXNDQ0NUJlSm1NcG9MY2E2SWRYY3JnOG5Zcm1iYlZJcDdLdjRoSGd2bG5QY29kVGF4RkI2ST18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
318839
content-length
0
expires
0
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame A0AE 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794635759
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59578, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame A0AE 		0
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=null
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3Dnull&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:38 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794637904079-147
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame EBF5 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794635847
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59578, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame EBF5 		0
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=null&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_&gdpr=0
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
  • https://cms.quantserve.com/pixel/p-wLsaAfCW5Mb6X.gif?idmatch=0&gdpr=0&gdpr_consent=&us_privacy=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1588&gdpr=0&userId=WN1Qe1rYBX5DjQMvVosbe1yNAndD3Q4vWNuyULKF
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:39 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794639653079-123
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame 5649 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794635933
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:35 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59578, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame 5649 		0
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:39 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794639119024-308
bandwidth-test-25ko
cdn.stickyadstv.com/mustang/ Frame BFE6 		25 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1693794636027
Requested by
Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:9000::687e:7751 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:36 GMT
Last-Modified
Thu, 06 Jul 2023 01:58:31 GMT
ETag
"64a61fc7-6400"
X-Cache-Status
MISS
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://www.shefinds.com
Cache-Control
max-age=59577, 7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25600
Expires
Mon, 04 Sep 2023 19:03:33 GMT
auto-user-sync
ads.stickyadstv.com/ Frame BFE6 		0
0
bridge
cm.adgrx.com/
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID%26gdpr%3D0%26gdpr_consent%3Dnull&gdpr=0&gdpr_consent=null
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=null&gdpr=0&gdpr_consent=null
  • https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
173.231.178.117 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
lga-delivery-9.sys.adgear.com
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:39 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
lga-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.adgrx.com/bridge?AG_PID=freewheel&AG_SETCOOKIE&gdpr=0&gdpr_consent=null
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1693794639316096-323
setuid
prebid-server.rubiconproject.com/ Frame AF10
Redirect Chain
  • https://ssp.disqus.com/redirectuser?gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dzeta_global_ssp%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%...
  • https://prebid-server.rubiconproject.com/setuid?bidder=zeta_global_ssp&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=zeta_global_ssp&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

location
https://prebid-server.rubiconproject.com/setuid?bidder=zeta_global_ssp&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:36 GMT
cache-control
no-store
content-length
0
expires
0
usync.html
eus.rubiconproject.com/ Frame 4D12
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:36 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
usync.html
eus.rubiconproject.com/ Frame C805
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
  • https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.shefinds.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 04 Sep 2023 02:30:36 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 04 Sep 2023 02:30:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
server
AkamaiGHost
adyoulike
s.seedtag.com/cs/cookiesync/ Frame 1559 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.seedtag.com/cs/cookiesync/adyoulike?channeluid=d99fc1948fa396f0fdd7e4c9f13a0c3a&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.50.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.50.149.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
via
1.1 google
access-control-allow-credentials
true
server
openresty
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT, HEAD
cksync.php
contextual.media.net/ Frame 1559 		53 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=ayl&ovsid=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
96.17.64.29 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-64-29.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Mon, 04 Sep 2023 02:30:36 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Mon, 04 Sep 2023 02:30:36 GMT
/
sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/ Frame 1559 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/adyoulikertb-network/1/rtb-h/?GDPR=0&GDPR_CONSENT=&taboola_hm=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
32192
pixel
ap.lijit.com/ Frame 1559 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DSOVRN%26ttl%3D720%26uid%3D4b30a0b1f289a261ab592e1e53c126eb%26visitor%3D%24UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
63.251.114.182 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 04 Sep 2023 02:30:36 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
711333.gif
id.rlcdn.com/ Frame 1559 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711333.gif?&gdpr=0&gdpr_consent=
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
matching.ivitrack.com/ Frame 1559 		42 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=ayl&uid=d99fc1948fa396f0fdd7e4c9f13a0c3a
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:35 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
setuid
rtb.adxpremium.services/ Frame 8356
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1---
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:36 GMT
Server
nginx
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
314e432eb2d967cf733b82bdbbe35231
Expires
0
setuid
prebid-server.rubiconproject.com/ Frame AF10
Redirect Chain
  • https://sync.adkernel.com/user-sync?t=image&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dadkernel%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D...
  • https://prebid.a-mo.net/cchain/0?&cb=%2F%2Fsync.adkernel.com%2Fuser-sync%3Fzone%3D183045%26dsp%3D343983%26t%3Dimage%26uid%3D
  • https://sync.adkernel.com/user-sync?zone=183045&dsp=343983&t=image&uid=c38e02b2-2b01-4a8f-865b-88eb3fbaa415
  • https://prebid-server.rubiconproject.com/setuid?bidder=adkernel&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=A7298272160482644129
86 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=adkernel&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=A7298272160482644129
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
69.173.151.96 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

content-type
image/png
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
content-encoding
gzip
transfer-encoding
chunked
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Age
0
Location
https://prebid-server.rubiconproject.com/setuid?bidder=adkernel&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&account=&f=i&uid=A7298272160482644129
Cache-Control
no-store
Connection
close
Content-Length
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://p.safeservingcdn.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
229201
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/ Frame 63B3
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.shefinds.com%2F&domain=p.safeservingcdn.com&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=rTs6znxhVEpLaG9wUkxBenJUYVZHakZ6amtzTXFjRndYdXNMb2oybzBvV3lxM29iTEtkbkpUdm9qU2gxakNIbUJTSUJVTkdBMHR2amZCVU5KRno5VEV4endUVEN6N2l1ZzdYT0p2Rk5EaXdaaG9TRHhTUWNmOHpZVjVoWl...
421 B
693 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rTs6znxhVEpLaG9wUkxBenJUYVZHakZ6amtzTXFjRndYdXNMb2oybzBvV3lxM29iTEtkbkpUdm9qU2gxakNIbUJTSUJVTkdBMHR2amZCVU5KRno5VEV4endUVEN6N2l1ZzdYT0p2Rk5EaXdaaG9TRHhTUWNmOHpZVjVoWld6eXhHSEtMVWRKd2YvMjMwS1JEWWMzVWU3SEN6RlpSaVhhUnQxNlRRMUNqVGp5U01GTGZsV0RDaGhYRHFLRWU4ajVlWWdpK0laSFdBUkZON0VOQTFndGE2bkgvRnI4cUZReVJwMVBzSTBkb0pFYjQ0ZTNWQXhBNEVFQWdhMTYzUnZ6cVQ3RUpyOE54T0xpeEFuVUxmbjVRWENnMGNlK1NiVlJrdmlQMFJwVmVnOXN3VmQxMD18&cppv=2
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
be823ab7fe388a5ce85613917be244c09e73f0053ad2592affe8db1cf218b88c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://p.safeservingcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:36 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
866758
expires
0

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://p.safeservingcdn.com
location
https://mug.criteo.com/sid?cpp=rTs6znxhVEpLaG9wUkxBenJUYVZHakZ6amtzTXFjRndYdXNMb2oybzBvV3lxM29iTEtkbkpUdm9qU2gxakNIbUJTSUJVTkdBMHR2amZCVU5KRno5VEV4endUVEN6N2l1ZzdYT0p2Rk5EaXdaaG9TRHhTUWNmOHpZVjVoWld6eXhHSEtMVWRKd2YvMjMwS1JEWWMzVWU3SEN6RlpSaVhhUnQxNlRRMUNqVGp5U01GTGZsV0RDaGhYRHFLRWU4ajVlWWdpK0laSFdBUkZON0VOQTFndGE2bkgvRnI4cUZReVJwMVBzSTBkb0pFYjQ0ZTNWQXhBNEVFQWdhMTYzUnZ6cVQ3RUpyOE54T0xpeEFuVUxmbjVRWENnMGNlK1NiVlJrdmlQMFJwVmVnOXN3VmQxMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
292917
content-length
0
expires
0
prebid
id5-sync.com/api/config/ Frame 63B3 		135 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 04 Sep 2023 02:30:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/ Frame 63B3 		152 B
825 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.179.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-179-35.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a15fcb2453f1234a67fa10a26918e1e5e4f749725ca6ddc3689d69b0c588a890

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:36 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://p.safeservingcdn.com
cache-control
no-cache
x-server
10.40.8.157
access-control-allow-credentials
true
content-length
152
expires
0
sync-all.html
adxbid.info/ Frame FA73 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8a23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1787a5dfdba5a51fbef09d57aaadebb83af016d1b4f087236fa1ce27c06a99c5

Request headers

Referer
https://p.safeservingcdn.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8012cfbd1e3b0cbc-EWR
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 04 Sep 2023 02:30:36 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWuQqSyg5JonZ3xlzIWm%2Blv9uKmXlPsyP7JW%2Ba1fePz4UOBoZmVRIL%2BBQNAUzwFYgTRr7m%2BUS5LYBjEzqohLDIkuix2k7wxW9poqCajvtqekSns%2BtZZEbzU6Fh1XzX1JMZujYpwWDEa06A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=rTs6znxhVEpLaG9wUkxBenJUYVZHakZ6amtzTXFjRndYdXNMb2oybzBvV3lxM29iTEtkbkpUdm9qU2gxakNIbUJTSUJVTkdBMHR2amZCVU5KRno5VEV4endUVEN6N2l1ZzdYT0p2Rk5EaXdaaG9TRHhTUWNmOHpZVjVoWld6eXhHSEtMVWRKd2YvMjMwS1JEWWMzVWU3SEN6RlpSaVhhUnQxNlRRMUNqVGp5U01GTGZsV0RDaGhYRHFLRWU4ajVlWWdpK0laSFdBUkZON0VOQTFndGE2bkgvRnI4cUZReVJwMVBzSTBkb0pFYjQ0ZTNWQXhBNEVFQWdhMTYzUnZ6cVQ3RUpyOE54T0xpeEFuVUxmbjVRWENnMGNlK1NiVlJrdmlQMFJwVmVnOXN3VmQxMD18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 04 Sep 2023 02:30:35 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
406914
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
setuid
rtb.adxpremium.services/ Frame FA73
Redirect Chain
  • https://eb2.3lift.com/getuid?limit=50&us_privacy=1---&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
  • https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:36 GMT
Server
nginx
Vary
Origin
Content-Type
text/html
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0

Redirect headers

location
https://rtb.adxpremium.services/setuid?bidder=triplelift&uid=4187545677285024608258
date
Mon, 04 Sep 2023 02:30:36 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.js
eus.rubiconproject.com/ Frame C805 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:36 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57904
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
usync.js
eus.rubiconproject.com/ Frame 4D12 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
96.17.65.140 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-17-65-140.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adyoulike&endpoint=eu&gdpr=0&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:36 GMT
Content-Encoding
gzip
Last-Modified
Sun, 03 Sep 2023 18:35:23 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=57904
Connection
keep-alive
Content-Length
10124
Expires
Mon, 04 Sep 2023 18:35:40 GMT
setuid
rtb.adxpremium.services/ Frame CC19
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1---
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:36 GMT
Server
nginx
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1559 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssbG2CMEH7pSDQiHf50rY_CJQUF0KSgRSUovB0VW4sCXn-otFT_lXFcBoM74bJqnR_DzNarSbaFxd7lh_3B4I_10eE9L8yZs9CWcFxLhArQOWf6E_Ko_PqoGNmj22cflNXW5Y6GjsiVJ2F0CDbsQo3yvJebMyWHIIalFxKfdCqNZOD_MKxAZglyGprNHxI3PLmvxsOsrKhk7p4Dv2-9iv0_dGAgUXFHxvEKikzXz3Sh65y2rosiRVhyFt1XiXHlqVK_dGxhCllj2IPRKttXIHmoQPs_zmfVcSDp8MrHo_Aq1JayA26pngV8oucOvR08_QAYobpcLRppvAz7JHtlzuqWMsZAyVYf1si8F7w6&sai=AMfl-YRc0pP7LFocKNe2IqWjWjQk_iJ3dKv09U1pca7OVbxV9JHY8mFpZkst1Zua_6K28_IBeJAMPVevL_hN7dIBWxMohE33dqES4jJkLCokJDmELH2T7qoFNAUBw3nzkAs&sig=Cg0ArKJSzKb1sALN-P3IEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:36 GMT
setuid
user-sync.adxpremium.services/ Frame FA73
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=1d485a6622401c7a1ca519109852e88480b2b6462a210136667ac00b8fc18500
Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
setuid
user-sync.adxpremium.services/ Frame CC19
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
date
Mon, 04 Sep 2023 02:30:36 GMT
server
nginx
content-length
0
content-type
text/plain
setuid
user-sync.adxpremium.services/ Frame 8356
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:36 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
date
Mon, 04 Sep 2023 02:30:36 GMT
server
nginx
content-length
0
content-type
text/plain
sync
vid.vidoomy.com/ Frame 14D7 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:36 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
HIT
x-77-nzt
AVm7sQ9O0zf/NzwKAA
x-77-nzt-ray
49be1408ddd78f3f4c41f56444daab36
x-77-pop
newyorkUSNY
x-accel-date
1693123861
x-accel-expires
@1694160661
x-age
670775
x-cache
HIT
v1
lb.eu-1-id5-sync.com/lb/ Frame 63B3 		33 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
8098407777ccbd8b229fc1c982b9cd78d4e2041d1b7f437d338b6715b3eb5225
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://p.safeservingcdn.com
date
Mon, 04 Sep 2023 02:30:36 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
setuid
user-sync.adxpremium.services/ Frame FA73
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&us_privacy=1---&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
content-length
86
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://user-sync.adxpremium.services/setuid?us_privacy=1---&bidder=ix&uid=ZPVBNe7xTpdYaMRGxHT2EAAA%26468
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 14D7 		1 KB
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
156.146.36.23 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
137173278.nyc.cdn77.com
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Mon, 04 Sep 2023 02:30:37 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
670299
x-accel-date
1693124338
x-77-nzt
AZySJBYX453/WzoKAA
x-accel-expires
@1694161138
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
1e192d08f186f4b14d41f56447fa6105
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
cookie
a.vidoomy.com/api/rtbserver/ Frame F0A5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:38 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8bab65602db075726861004da5629947
Expires
0
pbscookie
a.vidoomy.com/api/rtbserver/ Frame F0A5
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba...
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:36 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbscookie
a.vidoomy.com/api/rtbserver/ Frame F0A5
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:37 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 557C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dpubmatic
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101330
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:37 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 9023
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
HTTP/1.1
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:37 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=bfdbcd8b-13f2-06cc-33d7-a2db216cbf66&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
dspsync
vid.vidoomy.com/ Frame C22B
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=vidoomy
  • https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&pi=vidoomy
37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&pi=vidoomy
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Mon, 04 Sep 2023 02:30:37 GMT
etag
W/"621c89af-93db"
last-modified
Mon, 28 Feb 2022 08:37:03 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-cache
MISS
x-77-nzt
AVm7sQ+DGFqh
x-77-nzt-ray
49be1408ddd78f3f4d41f5645b13d914
x-77-pop
newyorkUSNY
x-cache
MISS

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 04 Sep 2023 02:30:37 GMT Mon, 04 Sep 2023 02:30:37 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&pi=vidoomy
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 811C 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101330
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:37 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
692.json
id5-sync.com/g/v2/ Frame 63B3 		630 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/692.json
Requested by
Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_307825_11598.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
4d5150feaea97c18e9ddd2754ccdee2f8c5419cf8868ffd38d431e85d8148bdf
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://p.safeservingcdn.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://p.safeservingcdn.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 2CA8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dpubmatic
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Content-Type
text/plain
Date
Mon, 04 Sep 2023 02:30:37 GMT
Server
nginx
setuid
user-sync.adxpremium.services/ Frame FA73
Redirect Chain
  • https://ap.lijit.com/pixel?limit=50&us_privacy=1---&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
content-length
86
content-type
image/png

Redirect headers

Date
Mon, 04 Sep 2023 02:30:37 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://user-sync.adxpremium.services/setuid?bidder=sovrn&uid=HQzWZQZHTprevADoQOeL11M1
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
user-sync.adxpremium.services/ Frame 6D4A 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=pubmatic&uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&us_privacy=1---&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 04 Sep 2023 02:30:37 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		83 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4012409536050128&correlator=1793306007402279&eid=31077576%2C20222283&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&us_privacy=1---&iu_parts=21824729475%2Cshefinds-shefinds-desktop-300x250%2Cshefinds-shefinds-desktop-728x90&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2&prev_iu_szs=300x250%2C728x90%2C728x90&ifi=16&sfv=1-0-40&rcs=2%2C2%2C2&eri=1&sc=1&cookie=ID%3Df4365ba33414e7f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ&gpic=UID%3D000009fc561c41f6%3AT%3D1693794608%3ART%3D1693794608%3AS%3DALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg&abxe=1&dt=1693794637429&lmt=1693830476&adxs=650%2C436%2C436&adys=4751%2C4415%2C5015&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=25%7C26%7C27&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&vis=1&psz=300x250%7C728x90%7C728x90&msz=300x-1%7C728x-1%7C728x-1&fws=4%2C4%2C4&ohw=960%2C960%2C960&ga_vid=1789139906.1693794608&ga_sid=1693794609&ga_hid=373171656&ga_fc=true&dlt=1693794606980&idt=1664&ppid=92e47ef3-e5e4-4a9c-b6d4-2eb85344024c&cust_params=permutive%3D21967%252C32745%252C43641%252C73308%252C81752%252C87946%252C95987%252C95993%252C96402%252C97250%252C101262%252C102567%252C105086%252C116913%252C116916%252C124918%252C128800%252C128890%252C146917%252C157392%26puid%3Db10f1680-a6f7-4e6e-8f05-6311e1399ca3%26ptime%3D1693794609682%26pvuuid%3D65e90d9a-880c-4922-8429-737d1e8accef%26addir%3Dbh%252F41%252F412%252F412983%252F2498530%26site%3Dshefinds%26domain%3Dshefinds.com%26urlhash%3D2907093993%26section%3Dcollections%26directory%3Dwalmart-packaging-change%26plat%3Ddesk%26pt%3D-%26schainv10%3D1.0%252C1!pmc.com%252C1179161%252C1%252C%252C%252C%26browser%3DChrome%26pageview%3D1%26admants%3DS_10087%252CS_10271%252CS_10955%252CS_11587%252CS_12403%252CS_12404%252CS_12747%252CS_4284%252CS_4288%252CS_4289%252CS_4304%252CS_4317%252CS_4359%252CS_5276%252CS_6202%252CS_6310%252CS_6650%252CS_6654%252CS_6655%252CS_6766%252CS_6768%252CS_6911%252CS_7077%252CS_8531%252CS_9094%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_1506123_PG%252CIAS_3007008_PG%252CIAS_1500690_PG%252CIAS_1500154_PG%252CIAS_1500161_PG%252CIAS_8285_KW%252CIAS_13037_KW%252CIAS_5678_KW%252CIAS_1500092_PG%252CIAS_1500085_PG%26fr%3Dtrue%26prmtvsdk%3Dweb%26videocodecgroup%3Dmp4%26refresh%3Dy%26boom_session%3D11033ff46a8271b&adks=3451304819%2C531428060%2C531428063&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js?cb=31077576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7380dc1c6115b101cfb8dd0e2f3c59aebb8a6f244458068013cf9bf420c5d41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14621
x-xss-protection
0
google-lineitem-id
6124744791,6126907430,6126907430
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138406906113,138406906110,138406906107
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E30 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 23BF 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame DFF5 		0
0
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 6784 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404028
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Sysj6qC_H_uL8ZJQmhHfpDB4P_P5qcrLB_lmdcN2tLvpcTWIexyMwQ==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6784 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:37 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 1482 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404028
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
l8TM16L9YYDvtOfCsmCpDK0M6PivmdHfeMAOGxPk084JygeIkyNMzw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1482 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:37 GMT
b-e09f10f-63571a86.js
tagan.adlightning.com/sheknows/ Frame 90A2 		77 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.163.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-163-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 20:30:10 GMT
content-encoding
gzip
via
1.1 dfbeb92e774306364b3bad2c0151cd7e.cloudfront.net (CloudFront)
x-amz-version-id
tb1yMAe_vJ72EXTSXq8g5NQ9JazXnyY6
x-amz-cf-pop
EWR53-C3
age
1404028
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
29309
x-amz-meta-git_commit
e09f10f
last-modified
Tue, 30 May 2023 14:01:33 GMT
server
AmazonS3
etag
"a30345549b7dc56484685e18e48dae88"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
APtUxRq3GSUk1fJuoE54JkYw204FWFOrj3ZLNS7A_335221NvqAiNg==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 90A2 		181 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 04 Sep 2023 02:30:37 GMT
setuid
rtb.adxpremium.services/ Frame FA73
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50&us_privacy=1---
  • https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 04 Sep 2023 02:30:38 GMT
Server
nginx
Vary
Origin
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
86
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://rtb.adxpremium.services/setuid?bidder=rubicon&uid=LM49KSCX-B-B1NA&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
382e2818ca015d35b02cd449aa60881d
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6784 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMZxq0TfMpty2DsqEXkuMMGF0nMpnEWxtwVz9bXTuK8GxYuT6zZDpNlz73alVwS2uY68fPmrDk3I-HC7a0otOSSNSBATgHnVDLy_2Qs28K2_AhdnZWX1vBoC2QsrsYBVnhBjF_Y1n7j09PQXO1jKA3VKU7xpHcXS8S1bYOqNew6XQLFWyupHGw9aFB7dfZfsYinwbPHLNjCP0Ihu7GpEXhUbCBh01MM-WcZ-kAbiKUICm3fAum2xyY6kusXsRQc3ezk0RSYa8cHRyDSNP_mhTeF1H17LXWqlJdqeyn3PJh6Ojf4eZ2hjubdpsWmVyVK3gRFDXpaEF_9HNWSQv9pd-6h7XyYdX2bJKRzDw5CqWB&sai=AMfl-YTF0f6cMD3yXZ-roTaP_5aFZHb1vjBSx6OpO4UAYY0Bs07Ndj5vT-G7by3-4ViWWHyaPJxeRSq35Ax7d42FQ9LKCBiVKEGO870ck3Ui95oheeI5dZnKTk2NjGqZSMU&sig=Cg0ArKJSzHXn_1T4LP3fEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 6784 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=463&friendly=friendly_63882213&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=63882213&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
pixels
pix.spot.im/api/v1/ 		0
228 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pix.spot.im/api/v1/pixels
Requested by
Host: static-cdn.spot.im
URL: https://static-cdn.spot.im/production/launcher/tags/v3.9.6/launcher/386-bundle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-49.jfk50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 04 Sep 2023 02:30:38 GMT
via
1.1 d0bce79fed43d50812383302c31b7430.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
0
x-amz-cf-id
Mtfnz4qjjfo5juR0-lG9_rHro_s2cqGzl44s63fmlVL5Pc6GXkKFTQ==
view
securepubads.g.doubleclick.net/pcs/ Frame 1482 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAuFbe3sQ3PQwxbH8rQWcHIxshP4WI80MV3UE-ZMzQzqE_IOOj6NTZ5VaUiqcDZddsKZM2MYCQ3k054KCwDvZPlkOj9NtCy2tXxHN-gSmE7-FQRawB7LnJgQ7vQfKzM9WHLkIUfDKpYObO1tnkPMvr5QAy5Y0ZvMIt9j1cZ-gd2m9zMUAPJ8mN_EBX3gX4QbVAi61Pa__KXsV_0vPvReBQmFRriushSjbK7fnOwrT0-qYGNlFrM0FhC0I_ZJze-siqZ5NUywp3YsIa_E1uW_2rKyNeujiBQy2UhXD0hOO-bocVKOeLDunnRg551G-cSnICQHUdOTdjUBdQ-NwV6N-zamz5CVpW1FDEUw&sai=AMfl-YQw6QHmfQIZr6H0wc8--RhUtAe9omCI2MVmG4mQIeJeQLAjPz9v7INHx-HVpGL52XEXTK4r3EBShQEcGeJPOGs03Jam-ZtXun1RvavB2kKfZ4zBbHuvcqqN-bdrhBs&sig=Cg0ArKJSzPef5zhf2OW-EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 1482 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_60653926&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=60653926&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 90A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsui0zK7KD4s_kILa6l8_yctMUnQl9DjPBodkd47xuglTBH5p59QyenT2veX7TGQE9fD2UunB4Eq2AowD8bV7lMb04PyTBSRtQg_icr6ep9_C8WtX1mBFUXoRwRloU7HH5XQ6hIk2FVK5wfq3thaELaKHIkCatBi8Z6f6bzAZgDs0NJ_r1Z5kZj5aRglmXhiJgEc7UNDgzgfptOHUmexvqGvMsC4oBRW_MMt386ryfW-nOhzGq4oSpSDoeai2mycVI85pccytE18ooYZWmrwhJHBMSGeoboySWrz2i4cXAzQfcIyAzi7ihEGJq0Deoy4zYC1BwiD6yq0BK5I_WsJ9IZgmrk2PhwXnqFR0Q&sai=AMfl-YShQb6Inucbk9E2nariXFOxBdXhmNYZss2K-XcLxawtJ45MoNFxUJ1odU6YLCa95tju1oa7_1REGyyrjF_wDNjkKM9BHVZ2zc6y2qwMRfkvKrGdKtB7NufckJUijdI&sig=Cg0ArKJSzOyQBlZw-Qa2EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
zone
ads.bidstreamserver.com/servlet/view/banner/javascript/ Frame 90A2 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_72510872&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=72510872&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.172.234.98 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
bidstream-nyc-02.advertserve.org
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers
truncated
/ Frame 1482 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d345b23766b28369c062ba78ee99e79f9aee5913b86d297e082bb4df135b8501

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6784 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a63188865c79b22e183e7b9f196ddb436355389943f42585f168ad7f2c0a0072

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 90A2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6d6e8d1120817fea21248a33d88e38e9ffe5de7f6f2c74aa97c7f6b9f03d58f

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Content-Type
image/png
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=340247040194248&ev=KWCEPA&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&rl=&if=false&ts=1693794639067&cd[tsop]=0.52&cd[lop]=0&cd[noaip]=10&cd[noims]=0&cd[slen30]=1&sw=1600&sh=1200&v=2.9.125&r=stable&ec=6&o=30&fbp=fb.1.1693794608250.1701952099&it=1693794607790&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 04 Sep 2023 02:30:39 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0103 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dpubmatic
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.29.128.213 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-29-128-213.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=101328
content-encoding
gzip
content-length
5636
content-type
text/html
date
Mon, 04 Sep 2023 02:30:39 GMT
expires
Tue, 05 Sep 2023 06:39:27 GMT
last-modified
Fri, 01 Sep 2023 11:21:55 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cookie
a.vidoomy.com/api/rtbserver/ Frame 14D7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
  • https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:39 GMT
Content-Encoding
none
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://a.vidoomy.com/api/rtbserver/cookie?i=BS&uid=LM49KSCX-B-B1NA&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
Expires
0
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 14D7
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D9fd3cc4d3cedab82560fbe2690ba...
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:38 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=CEN
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
setuid
user-sync.adxpremium.services/ Frame FA73
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&us_privacy=1---&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
86 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:39 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=640113117700930142
date
Mon, 04 Sep 2023 02:30:39 GMT
server
nginx
content-length
0
content-type
text/plain
pbscookie
p.vidoomy.com/api/rtbserver/ Frame C22B 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.vidoomy.com/api/rtbserver/pbscookie?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&vid=9fd3cc4d3cedab82560fbe2690ba4bec
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/dspsync?dspid=RTBH&uid=BfCE3hDnG2SOJFTOP3fi&pi=vidoomy
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.246 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://vid.vidoomy.com
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
pbscookie
a.vidoomy.com/api/rtbserver/ Frame BFE3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&vid=9fd3cc4d3cedab82560fbe2690ba4bec&dspid=pubmatic
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D9fd3cc4d3cedab82560fbe2690ba4bec%26dspid%3Dpubmatic
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.36.83.245 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
*
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Connection
keep-alive
Content-Type
text/plain
Date
Mon, 04 Sep 2023 02:30:39 GMT
Server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame 6784 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1vkuEsGG7FcDbB_Bf1tjMtiWCWqvp-AjbtouvIQywyBg1s9qtfBayLhMC7EHNwZtnog8XyR4cF1i8397ITZzUmeIKDKFxYoSpJRw3upLjMU1rPPQy4M46LB1WjmGsIKDx_aeIzXxt7JoJDYHQpnl9GVIF_Xl6QTtLJsABZvHQO8balGs7NbQh8GBhIimrKYIqZg7QbRDO5G2fMBDlmld66WoCWeKfwfyMkk363qiVTm8ldfZF9Clr8IXRwkw15CQoC-iqeBzktHv3uCTMvEhPXD1jetIsCchGd38yoEJ8Cr1exGMsd81gGCE1JukgYwHkAzUsmFSpi1j1E5C9myHVJhsA46KZRp6BUtUDHlo_MOU&sai=AMfl-YTfbVDp0304aIDEIfhbDBS-A7XlcXbMTxRWCPJekhJgWem7360Yw3kad4W87lm5NUL7IEGY1KnJjHLvp5afuZk7mOzrGNTvVj7VoA16aMReAwuWBo-UGA4JgRIQFZU&sig=Cg0ArKJSzNMqQk_C_32lEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1482 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyFE6tXE2vITiaz7z7HR50fjUyNI-Gh-bCs0AId8ko1SQpw_lo33aMFqAsdro9DLaqzSuSq9gOLou0XvHizY7QASu3AOostp969gwlRMuNUusYu0C1J28Edy_-2gjYwgNvVLJ-no0V0eykNrYA9781suNH3sQOaiPwyCAKO0SJNvFoKPaCBRSIwgmUkdTdY7Rp3NUNFRrsUgrCGSw9rAuI4ievCPpsGXmv_mSPc9lE1QfKQeNZXUxULVZmkoq8IwrK__10xZ0ym99y4X5MZCzsLm8XF1eg4JiZnSy5jfIYNgqo7fBEtxo1Fj8mj8id7gqmwea2-WtUmrxuTsWwgX00YTHF8F2CTAtg8Ibr&sai=AMfl-YRVlls-rMz_Gw4KT07oRRRxMLJZ6tEyaA0RQ2GDoNWbz7FvzYnZijAQRhMdkAgo01zgYTn1aV9cjeVXUrLftVdKNRT2z_NcPOurJ7-OPLj1ZOrJce3W0uy3qiccelc&sig=Cg0ArKJSzN1K62pc4od-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:39 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 90A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttYPSRlp9kHobzOIEo81_Xb_bYhEaw0C9uVn_nvxYLbKp2HY1J_nt2N7GTsnOZX9i0JRejxwmeJkZHMyPFzROBXlmj6lbuSMRyDyZTTAZv-fxc2UKnpc8_wi0SlXcHQezzc8-CTqnO5qiWqCnMpIG_zMVD2e_epMSyWo0yR4WUC7nFAgP1eRDXBBH4UZdppOVaehHiq3VlRKd5oIOmzbGPvpSZKoLXvVATYILfT0AZ1kszhxjiZnbQs4P1Wz7Ohafo5sO5PO8jdKroaBNEHcbiDscnr81D2YoaPG5hZTC7s0gS9Vfaxd6VYTLWPix1v8JsPJYgEwQpeaEU9kuzSr7CyLxRKSnT7OZualZD&sai=AMfl-YTClE-00TZyh_PjxQ1BND8VvEcMnrVPllSn_unFHf2x3GG_KCqb3dPihmCHJZFlk8G5vqM0_L34LeD8qis5biz0xDc0wjZTevAUQWcNT3CUgtie9PujvedaE0NJpdE&sig=Cg0ArKJSzGIwVC8deOGrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/sheknows/b-e09f10f-63571a86.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 02:30:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Sep 2023 02:30:39 GMT
setuid
user-sync.adxpremium.services/ Frame F0A5 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=9fd3cc4d3cedab82560fbe2690ba4bec
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 04 Sep 2023 02:30:39 GMT
setuid
user-sync.adxpremium.services/ Frame 9023 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=9fd3cc4d3cedab82560fbe2690ba4bec
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 04 Sep 2023 02:30:40 GMT
setuid
user-sync.adxpremium.services/ Frame 14D7 		86 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://user-sync.adxpremium.services/setuid?bidder=vidoomy&uid=9fd3cc4d3cedab82560fbe2690ba4bec
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&us_privacy=1---&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
86
content-type
image/png
date
Mon, 04 Sep 2023 02:30:41 GMT
pixel.gif
px.moatads.com/ 		43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&kq=1&lo=0&qs=1&ak=https%3A%2F%2Fwww.shefinds.com%2F%2Fcollections%2Fwalmart-packaging-change%2F-&i=NATIVOINVCONTENT1&ud=false&qm=600&qn=6OZw%3DoHB%2CEF%3FKC1I%3Cq.bWoCSV2W0Su*TDXlCfX2iR2%25(GyHN%3DI(%2C%3Ba15lK1t!9ZpAH..4iwM%25z4mc4djG%3D_11%5Dz(m3%7CuK9~P%5DDohjO%7BcEKHD%40%404KrD(KA.E%24C%23I%3BC%2FVKw(%24Y4%5D%2B)%60K%3A%3A%2FAwJ_%5B%259%5BHhUKF%5EhRZ8!w%5ETm_hBE%22%3B8%2BYe6UQ%2FXv%2CN%2F%2Fs1S*qks!1%3CFZ%40V9t%60)%26k%3Dzs1w4V%40bL~1fE)YHjrI7(%7DY.N%22WM%3DTrwo6Ie%2F%25B%2FH2%3C*Evb%40%22TyIf%5EHb%25p%2FJZdLTzVEEicuJ%22%5B%40(X%7C01%5B_)vVS%2F%2F.hX%3Dt%3C!T%5D%3DNMV8t8fvb%26%225gziASyKIw%40%409F%5E4gb%5EhIuDJq%409Buo(%2BIb%7Cj8o%3FJjDkk%7Bj12%2F%2B%5BoHBw2o4%2FAwJ_%5Bd9*Nqw%3CvgXMA%3DE%26.geB%23Rz%7Ca0oVR)%2CPOJBm3o40X3Q%22%2BCF%7B%60A%24%3D!o%7BKt%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5Bmx%7BimP%3DK_%3CMC%23V%7Du%258YCC2J.bq!CASw%5EXm0okt%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7BlTr1W*d%5BOCF%259%3CUYoo813_xB%2CN22Ib%40aFB&qp=00000&qq=000001000000&qr=0&gz=0&hh=0&hn=0&qt=0&bq=0&g=3&pl=1&fl=1&sr=0&sb=0&sq=0&sa=0&sn=0&sj=0&sm=0&si=0&md=0&mc=0&lb=15884&la=0&ld=0&lc=0&cw=-1&cx=-1&sh=undefined&xa=0&xb=0&xc=0&h=4&w=4&dnt=0&gu=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&cm=33&f=0&j=&o=3&t=1693794610384&de=463464521125&cu=1693794610384&m=31019&ar=6194820-clean&cb=0&ll=2&ln=0&gh=1&qa=1600&qb=1200&qi=1600&qj=1200&qf=1600&qe=1200&qh=1600&qg=1200&lk=undefined&le=1&gm=1&io=1&ch=0&as=0&ag=0&an=0&gf=0&gg=0&aj=0&pg=0&pf=0&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&em=0&en=0&bu=30155&cd=15149&ah=30155&am=15149&re=0&wb=1&cl=0&at=0&d=14294%3A-%3A-%3A-&gw=nativonielsen548znrb18&ab=1&ac=1&fd=1&kt=strict&it=500&fs=98815&na=182195147&cs=0
Requested by
Host: www.shefinds.com
URL: https://www.shefinds.com/collections/walmart-packaging-change/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.46.189.209 Boston, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-189-209.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.shefinds.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36

Response headers

unused62
8096267
pragma
no-cache
date
Mon, 04 Sep 2023 02:30:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 04 Sep 2023 02:30:41 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-SPS2TCRBW2&gtm=45je38u0&_p=373171656&cid=1789139906.1693794608&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1693794607&sct=1&seg=1&dl=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&dt=Shoppers%20Slam%20Walmart%20For%20Packaging%20Change%3A%20%E2%80%98Heading%20In%20The%20Wrong%20Direction%E2%80%99%20-%20SHEfinds&_s=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SPS2TCRBW2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.shefinds.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 02:30:42 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.shefinds.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
d3ezl4ajpp2zy8.cloudfront.net
URL
https://d3ezl4ajpp2zy8.cloudfront.net/shefindsmedia-lifestyle_tag.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/shreddit/en-US/alerts-controller-27c3e68b.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/shreddit/en-US/icon-clear-fill-630bfab5.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/shreddit/en-US/icon-close-outline-fc4e2b29.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/shreddit/en-US/xpromo-4d09ac73.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/shreddit/en-US/contextualSignupPrompt-8292f7a7.js
Domain
embed.reddit.com
URL
https://embed.reddit.com/svc/shreddit/3PNTER2GUkZNdJ2ILMCAmLX
Domain
embed.reddit.com
URL
https://embed.reddit.com/svc/shreddit/perfMetrics
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWEnoL8Zgw-UNrKZNfPTFweU7zydT10xn-2ATqjrzclpbVFJhr9JQqfTMGGQ_vz5i4bLvwLgBdvc_3bdVWgUAKxKjsHcfWgooecS5tvcRJcanGU-0T6wBXKahuZCuFWU555I4Del0tpX9GerbFtl0nzAnq1cjr1NnTxHIiiI73G33w9XH8yoVoQekeUq5P_lRw-i7R25uy6gcevpCZkXMI9W0EC2yHop3OuUVNY6UF-5zs1ysH_Co0h8MMjRViVmKyQq1P--VAmKMUb6_1Hulvel2B2b2MwffbV8pWibqD8L9Kvpi0SQyOF3U49najSmKB5KmX8Y_5Dr8e_N1DoqJPHnOXtCKhKeGQZOv5b41iTss&sai=AMfl-YTBRSnC14lTP5nbocDLih-nR1TJkLAXmK5uN3uPudOLnzE6m8tmPwn3Kq0weRfRjo-j-Fm6ua-AFfiUZIYwn2ryuK_fwz2wZ9V8YOjSg3cP5ibMENuWRWwbZrTZNfI&sig=Cg0ArKJSzNl_vL8cjUkqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXhRyUarB1sQtlvWHhXRu1QrTukzrJcfQeCwxYpbbUT7D3M0lDKzHVJ700XbzFWDXDOer-F4FSsdH2GsgHgZ9O-oMRr3-9LQL7wUaslHmk0cWumRw5zAkFDcQp2c3hATMh3OaeKKqUgEMiP8qOGQHBzkxHoDzs5oSC1gokezCIriU9VSmTx9CgDXOmhwzeW2CDHxZIwcZ9crwIhCPlq9YadGhrxrDAGMMbM6qfcbqHTbMgcJNIKAcwemaElUEn0MtAKjSTpMdeJQmbc9YjUvFodd-0H_hRZSfzTUYwyiEIONohrGsjh2acdKgyoohAw3MP5gHm5Bm_rWFuQefOWVP8L6IskGv_KoXanTXk&sai=AMfl-YQ27mkq_bQy8rQYdTiorp6Dy_W0FtI9JEh-d1edEBK8uRgvEU0iyaUvZgckEfcYHseRKnmanItcuCeHh8N7rwDNI-0-fUOfyrJOt_CtyDc7txJVBtIRIuIs6Jb8_d0&sig=Cg0ArKJSzHKdr40NzPzIEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu7M0uWlMz6a84s06B16_5zsrzrr4oMrnmhu0T7WKr6Qn8J0IJZEL7wbcDyu5D1Q6mpsjIeOODGhVqDwPnGIfIpfX-bCcVG9oIfPhTvxkN6vfRH7qK4DkXhl8PO4xqM7hhjRhiv_3F3JgP9On130MYDy46ljm2_46M28CB2HTewxlZOHpe6MW7gULQRzI5Yn5yG0hA-BmdSlXT0FynnILzXPdSUl1fsDK3Vda45aA-HYjaAXsmoS4lZrr0Bb_lusa_UdIcWgsG6prcJVe8Lz5gRHudGgWJdDbdsp1iUPIykApmgNB8A6dAHT_31WrQihXAhtc00lI2ncoWG0XbGq2E2HMpVwfXRUXn_AG9i&sai=AMfl-YQ9NEJYifJqwqAzpgP2p5gbSRRDl4HEUlnzaFEL0K5Ns88G2AGwo3HFGm2taLPFpzmy4LYiesvaEZ-ob-9ezZWZBBFNQ6Fz99H5iPFBkw2MRxSZK_2TsNtZNpMJeek&sig=Cg0ArKJSzAJqIVyAwIaQEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIJVHpIr2p9Pa-Hfncw8ZuTUDDwJpw6Kba71RSqaVtdyjEQNfSgUcRWCRcOZR-jVOozMSvF6_4-shJ2phNBCUy9hDxVUACv2fB2nM-5n1Ke5llaSnVDxu4ZIVbUQ78&sig=Cg0ArKJSzNHalu-JTRApEAE&id=lidartos&mcvt=0&p=0,0,250,300&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3451304819&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693794609551&rpt=1946&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuvgK2mJi3TP8OzRPqBElU19jn43ePRV6c0ieFcrzPXb4ToBZoZXM7jNUTIvgAfpq2fbtPUc4fGKRQSoemNLzztd8GCeDhHbFgO4CmLM5sDJu1qUpLiQlB-TbYieRNL&sig=Cg0ArKJSzJJCS3i1Q7XrEAE&id=lidartos&mcvt=0&p=0,0,90,728&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=531428060&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693794609570&rpt=1938&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA6CuvyxK1Fb__JwiS7d8w33mHdaIuvx_YIm9658F-6XQjEIW-Sa4pJUeF1rw5uHDNgXAHFiBTyh3aDtLAPn-IJpaQGBnfsh9YlJQPP7revvGysqz8hO4J2PHUwSqj&sig=Cg0ArKJSzMZmrHcHrgJkEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=531428063&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693794609581&rpt=1947&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
prebid-server.rubiconproject.com
URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11556&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D1---%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=211945
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Domain
sync.search.spotxchange.com
URL
https://sync.search.spotxchange.com/partner?source=249286
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/adyoulike?r=https%3A%2F%2Fvisitor-usa02.omnitagjs.com%2Fvisitor%2Fsync%3Fname%3DADOTMOB%26ttl%3D720%26uid%3Db989ee06df7dfc250798f7f0dfc4ddee%26visitor%3D%7Bamob_user_id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
pmp.mxptint.net
URL
https://pmp.mxptint.net/sn.ashx?ak=1
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F2%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/pbs.gif?gdpr=&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid-server.rubiconproject.com%2Fsetuid%3Fbidder%3Dcolossus%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26account%3D%26f%3Di%26uid%3D%5BUID%5D
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm49l9cj&c=4236314473230&slotId=2118157236615&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm49lan5&c=4236314473230&slotId=2118157236615&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
csync.loopme.me
URL
https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F4%2F2.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=$UID&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/auto-user-sync?gdpr=0&gdpr_consent=null&gpp_string=&gpp_sid=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu5bq7PZmbFlAe5dHypsjo9dAPY0F9lM3iZ3BzLfgEvxCMENtjdbgyCnG1MElD7tgUIvdJETDo81V8idm_loqVpiqfSY0aJi1vTmPtxDntxvg7vBOCms0ATZQ_ApEiL&sig=Cg0ArKJSzGl9fxlWAOsiEAE&id=lidartos&mcvt=0&p=4735,650,4985,950&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3451304819&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693794611706&rpt=1735&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5qg5MS4oaPQ_t6p7MNpGcocNhiln02a70_AVR0kTqXf5DRviP52aqvPlIJHmna6-MPdfna4cx0j0Nu1Mp1-8k5VA_EZmhoelTA6I2GCPBHD_8fI9kWcmWRi71bqZF&sig=Cg0ArKJSzO9Vc84K8V8UEAE&id=lidartos&mcvt=0&p=4399,436,4489,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=531428060&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693794611766&rpt=1739&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstShUcIyKrIsz_JxvQv3XDvk1Y552sISMN49jjvt-Pgrk9mLglsOOWU7VkcpFyiruJMBj4QU7SUqrvWqEqzmyNKhFBnlIRz-Rp7_wd_WcvA7Yj-24qci5zpTMzOvbl4&sig=Cg0ArKJSzKLxpPdkf43QEAE&id=lidartos&mcvt=0&p=4999,436,5089,1164&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230830&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=531428063&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=3&r=b&rst=1693794611825&rpt=1662&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

548 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| documentPictureInPicture object| marfeel object| mrf boolean| isMobileDevice function| $ function| jQuery function| validateEmail function| mobileMoveRight function| mobileMoveLeft function| ccbForcedQueries function| editorialForcedQueries function| resize_single_cols function| sfCustomFBShare function| putPersonCreate function| form_subscribe function| isElementInViewport object| Sha1 object| sfgs_data object| __core-js_shared__ object| _bt object| email_subscr function| get_cookie string| BOOMTRAIN_API_KEY_1 string| BOOMTRAIN_API_KEY_2 function| gtag object| dataLayer function| fbAsyncInit object| blogherads function| fbq function| _fbq object| _mag function| hj object| _hjSettings function| kwa object| se object| fs function| vglnk object| _qevents function| lightboxjs function| lightboxlib string| sbiajaxurl function| validatewEmail function| setCookie function| getCookie function| setMyCookie object| cookieOverlay object| cookieBottom object| $lightboxOverlay object| $lightboxBottom number| windowHeight number| windowWidth object| $lightboxOverlayContent object| $lightboxOverlayContentHTML object| $lightboxOverlayClose object| $lightboxOverlayImage undefined| lightboxOverlayImageWidth undefined| lightboxOverlayImageHeight object| visit object| expire object| $lightboxBottomContent object| $lightboxBottomContentHTML object| $lightboxBottomClose object| $lightboxBottomImage undefined| lightboxBottomImageWidth undefined| lightboxBottomImageHeight object| regeneratorRuntime number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| googletag object| pbjs function| requestSellwildBids function| initAdserver function| runWidgets object| __pmc_atlas_mg_webpack_jsonp__ object| MoatUA object| __pmc_atlasmg_pbjs object| _pbjsGlobals function| __uspapi object| google_tag_manager object| google_tag_data object| gaGlobal object| mobileMargins object| FB function| amazon_assoc_ir_f_call_associates_ads function| amazon_assoc_ir_f_call function| amzn_assoc_ad_spec_type object| amzn_assoc_ad_spec object| amzn_assoc_ad_async_spec object| adUnitDeliveryNetwork object| slotCounter function| cmManager object| amzn_assoc_cm boolean| amzn_assoc_enable_abs object| amzn_assoc_internal_params function| assocUtilsMaker object| amzn_assoc_utils object| amzn_assoc_ad object| blockedMarketPlacesJson object| blockedViewerCountriesJson function| amzn_assoc_jsonp_callback_adunit_0 function| amzn_assoc_client_cb_0 object| __OW_CONFIG__ object| webpackChunk_spotim_launcher object| TQ object| __SPOTIM__ object| __OPEN_WEB__ string| _skmPageViewId object| _comscore number| rhombusSiteId object| permutive string| GoogleAnalyticsObject function| ga object| pmc_atlasmg_ga4_datalayer object| DataLayer function| ___RMCMPW object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| BAMX function| P function| Composable object| BAMX_EVENT_DATA object| NRTV_EVENT_DATA object| NRTV_LINKMATE_DATA object| NRTV_CLICKMATE_DATA boolean| __v5k function| vl_cB function| vl_disable undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| quantserve function| __qc object| ezt object| _qoptions object| DIGIOH_API object| LIGHTBOX_API boolean| SENT_LIGHTBOX_PV undefined| jQuery17106977116656084099_1693794608071 object| PARSELY object| __buffer object| ggeac object| google_js_reporting_queue object| pbjsChunk object| flippxp object| auvars object| _aps boolean| apstagLOADED object| apstag object| process object| TCD0zQ2 function| TCD0zQ3 object| xop object| hvb88vuhgxs object| 1meuibv6zy80 object| GlobalSnowplowNamespace function| snowplowKW string| p1223358051 string| p1223358106 number| p1223358107 function| p1223358165 function| oAddDVTag_ function| oGetPageStats_ function| p1223358136 function| oGetSlotRenderedLineItemIdByDivId_ function| p1223358131 function| p1223358128 function| oDeleteHardcodeRefresh_ function| oRefreshHardcode_ function| p1223358125 function| oProdKPageViews_ function| oCheckDump_ function| oCheckProdK_ function| p1223358108 function| p1223358104 function| p1223358161 function| p1223358102 function| p1223358114 function| p1223358111 function| p1223358109 function| p1223358085 function| p1223358090 function| p1223358076 function| p1223358075 function| p1223358073 function| p1223358066 function| oEnableNullChecklistener_ function| p1223358118 function| p1223358057 function| oPageUnload function| p1223357986 function| p1223357991 function| oSetDataParam function| p1223358110 number| p1223357976 string| p1223357977 object| p1223357978 object| p1223357979 boolean| p1223357980 number| p1223357982 number| p1223357983 object| p1223358004 string| p1223358046 number| p1223357987 object| p1223358054 string| p1223358022 string| p1223358023 object| p1223358060 number| p1223358061 boolean| p1223358065 number| p1223358067 boolean| p1223358069 boolean| p1223358119 boolean| p1223358094 boolean| p1223358121 boolean| oObserverChanges_ boolean| p1223358120 boolean| p1223358122 boolean| oAudienceListenerEnabled_ object| p1223358071 string| oDevice string| p1223358159 number| p1223358162 string| oParentHostname_ string| oParentPathname_ boolean| p1223358072 boolean| p1223358074 number| p1223358089 boolean| p1223358091 number| p1223358092 object| p1223358081 object| oAdSlots_ object| otkjs boolean| p1223358112 boolean| p1223358113 object| optimeraInsights string| p1223358123 object| oLoadedAdImpressionDivs_ object| oTrackSlots_ object| p1223358134 object| p1223358135 boolean| oEnableInfiniteScrollUrls_ boolean| p1223358130 object| p1223358133 object| p1223358137 boolean| oHasStnVideo_ object| p1223358160 boolean| oActivateK_ object| oRPMCids_ object| oRPMHosts_ string| oUniqueId_ object| oDumpedDivs_ object| p1223358164 boolean| p1223358166 string| p1223358031 function| p1223357984 string| p1223357985 boolean| p1223358053 boolean| p1223358033 object| p1223358032 number| p1223358035 undefined| p1223358139 undefined| p1223358140 object| opbjs object| oaudLibjs object| ovpjs number| p1223358034 object| diagPixSentCodes object| __iasPET object| __iasAdRefreshConfig object| headertag undefined| google_measure_js_timing number| google_unique_id object| gaplugins object| gaData object| SPOTIM string| __OW_ENV__ string| __SPOTIM_ENV__ string| __SPOTIMENV__ string| __SPOTIM_PAGE_VIEW_ID__ object| p1223358059 object| oDv number| p1223357988 object| prodKObj string| oUrl_ object| COMSCORE object| ns_p function| kso_0_0x180919 function| kso_0_0x2e98 function| RhScanner function| kso_0_0x1ffd object| krg_so string| sc_rid object| SocialCanvas object| socialCanvas object| m101 boolean| mtz101Loaded function| extend object| config function| shoppingWidget function| priceComparison function| observeDom function| init object| hadron boolean| __halo_loaded__ function| docReady object| au object| autag function| handleMessageFromNative object| jQuery17106977116656084099 object| CtJL7S2 function| CtJL7S3 function| xblocker number| oIndex4_ number| p1223358003 object| oVa boolean| DFPMessageEnabled object| mly1Oy function| mly1OI object| xblacklist object| Snowplow object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_140 object| Criteo object| Criteo_identitytag_140 object| __uid2SecureSignalProvider object| __uid2 object| scpbjsChunk object| scpbjs object| mnet undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent object| _rmxd function| vglnk_16937946112086 undefined| vglnk_16937946112097 object| apscustom function| setImmediate function| clearImmediate object| ats object| lotame_sync_16576 function| ha object| webpackChunkgroundcontrol function| bootAd object| Audit object| STR undefined| vglnk_16937946115859 object| ID5 function| lotameIsCompatible function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_na object| sync16576_wa object| sync16576_xa function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_K function| sync16576_L function| sync16576_M function| sync16576_J function| sync16576_la function| sync16576_ma function| sync16576_N function| sync16576_O function| sync16576_oa function| sync16576_P function| sync16576_pa function| sync16576_qa function| sync16576_ra function| sync16576_Q function| sync16576_sa function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_R function| sync16576_S function| sync16576_ya function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_W function| sync16576_za function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Da function| sync16576_Aa function| sync16576_1 function| sync16576_Ca function| sync16576_Ba function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Fa function| sync16576_Ga function| sync16576_Ia function| sync16576_Ea function| sync16576_7 function| sync16576_Ha function| sync16576_Ka function| sync16576_Ja function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_La function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_$ function| sync16576_Pa function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa object| PublisherCommonId function| owActionQueue object| __id5_instances boolean| msgData function| Tapad object| __connect object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| webpackChunknotifications object| webpackChunkpitc function| __SPOTIM_DISABLE_ADS__ object| webpackChunkconversation object| __underground object| DD_LOGS function| avPlayer object| __SPOTIM_DEV_STORE__ object| __IntegralASExec object| storageAni object| freewheelssp_cache object| s object| __bt_intrnl number| google_global_correlator number| lnt_z object| sovrn

564 Cookies

Domain/Path Name / Value
www.shefinds.com/collections/walmart-packaging-change Name: cookie_two
Value: here
www.shefinds.com/iframe-modal Name: cookie_two
Value: here
.3lift.com/sync Name: sync
Value: CgoIgAIQxtmb8KUxCgoIgQIQjtmb8KUxCgoIggIQ8_Wb8KUxCgoIhwIQooub8KUxCgkICRCii5vwpTEKCQgLEI7Zm_ClMQoKCIsCEMbZm_ClMQoKCIwCEKKLm_ClMQoKCI4BEMbZm_ClMQoJCA4Q8_Wb8KUxCgoIjwIQtvqb8KUxCgoIkAIQ8_Wb8KUxCgoIkQIQjtmb8KUxCgoIkgIQjtmb8KUxCgoIkwIQ8_Wb8KUxCgoIlAIQxtmb8KUxCgoIlQIQ8_Wb8KUxCgoIlgIQ8_Wb8KUxCgoImgEQtvqb8KUxCgkIGxCO2ZvwpTEKCgidAhDG2ZvwpTEKCgieAhC2-pvwpTEKCQgfEKKLm_ClMQoKCJ8CELb6m_ClMQoKCKEBEKKLm_ClMQoKCKICELb6m_ClMQoJCCQQtvqb8KUxCgoIqAIQtvqb8KUxCgoIrAIQjtmb8KUxCgoIrQIQjtmb8KUxCgoIsAIQ8_Wb8KUxCgoIsQIQtvqb8KUxCgoIswIQ8_Wb8KUxCgoItAIQooub8KUxCgoItQIQtvqb8KUxCgoIuAEQtvqb8KUxCgkIORDG2ZvwpTEKCQg6EKKLm_ClMQoJCD8Q8_Wb8KUxCgkISRCO2ZvwpTEKCgjOARCO2ZvwpTEKCgjWARDG2ZvwpTEKCgjeARCO2ZvwpTEKCQhfEKKLm_ClMQoKCOIBEKKLm_ClMQoKCOMBEMbZm_ClMQoKCOYBEKKLm_ClMQoKCOcBEMbZm_ClMQoKCPsBEPP1m_ClMQoKCP8BEMbZm_ClMQ==
i6.liadm.com/s Name: _li_ss
Value: CgA
i.liadm.com/s Name: _li_ss
Value: ChMKCQj_____BxCCFgoGCKIBEPgV
.shefinds.com/ Name: btIdentify
Value: 259d276d-ed21-4016-92f4-e53f65257c77
.shefinds.com/ Name: _bti
Value: %7B%22bsin%22%3A%22%22%7D
.shefinds.com/ Name: _bts
Value: 4edaba1e-c662-46e8-871f-59ec5c2fe1b1
.lightboxcdn.com/ Name: _cfuvid
Value: 33P6AlsT0bZtvUVcCYnJGJbaPJONhAp.RAAoQggr8r4-1693794607248-0-604800000
.shefinds.com/ Name: pmc_atlasmg_id
Value: 92e47ef3-e5e4-4a9c-b6d4-2eb82813f2e5
.rev-stripe.com/ Name: piuid
Value: 57cf3fabbebe8b48be08a043e9d1c230
.shefinds.com/ Name: __td_signed
Value: true
.shefinds.com/ Name: _td
Value: 8f661645-db4d-4209-8b5c-29b489413951
.shefinds.com/ Name: __td_blockEvents
Value: false
www.shefinds.com/ Name: ntv_as_us_privacy
Value: 1---
.narrativ.com/ Name: uid_bam
Value: 1818698112763718562
.reddit.com/ Name: loid
Value: 000000000izfpc3fa9.2.1693794608032.Z0FBQUFBQms5VUV3dlV0aHpoV3VLdHFicldWZGwtVXVfSHF3Qm9qQUVJSnBGVms1WGxncXBIdUVvdThmSkw3bEdGWmJKeTRzeTNXT3dFLVRuY1g1UU82azQwY0c5WHhuUWgxUFVYUGtvaFIxMERDTDZoUm10UTlpU3lNSTR1WE5fVThHN0dnTjNTTWc
.amazon-adsystem.com/ Name: ad-id
Value: A3M5yv7OVksdqo0mwKqYbfM
.shefinds.com/ Name: _au_1d
Value: AU1D-0100-001693794608-24SKF765-H653
.shefinds.com/ Name: _au_last_seen_pixels
Value: eyJhcG4iOjE2OTM3OTQ2MDgsInR0ZCI6MTY5Mzc5NDYwOCwicHViIjoxNjkzNzk0NjA4LCJydWIiOjE2OTM3OTQ2MDgsInRhcGFkIjoxNjkzNzk0NjA4LCJhZHgiOjE2OTM3OTQ2MDgsImdvbyI6MTY5Mzc5NDYwOCwic29uIjoxNjkzNzk0NjA4LCJ1bnJ1bHkiOjE2OTM3OTQ2MDh9
.shefinds.com/ Name: _fbp
Value: fb.1.1693794608250.1701952099
.shefinds.com/ Name: _ga_CGRZHQ8KQD
Value: GS1.1.1693794608.1.0.1693794608.60.0.0
.shefinds.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.shefinds.com/collections/walmart-packaging-change/%22%2C%22sref%22:%22%22%2C%22sts%22:1693794608327%2C%22slts%22:0}
.shefinds.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=04bce0ebe77cd9857061808a68b66e5f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1693794608327}
.postrelease.com/ Name: visitor
Value: 2abeedff-f0d9-4697-a17f-9a9623ab22db
.adnxs.com/ Name: uuid2
Value: 2535980227366638075
.lightboxapi.azurewebsites.net/ Name: TiPMix
Value: 91.49357558119658
.lightboxapi.azurewebsites.net/ Name: x-ms-routing-name
Value: self
.tapad.com/ Name: TapAd_TS
Value: 1693794608495
.tapad.com/ Name: TapAd_DID
Value: f3a6c746-4028-425d-8997-c0b7dc5b7eac
.adsrvr.org/ Name: TDID
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.go.sonobi.com/ Name: __uis
Value: 07f064bb-75b8-42f3-a993-2e9dec53f3bc
.rubiconproject.com/ Name: khaos
Value: LM49KSCX-B-B1NA
.shefinds.com/ Name: kw.session_ts
Value: 1693794608561
.shefinds.com/ Name: kw.pv_session
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.doubleclick.net/ Name: IDE
Value: AHWqTUmJ1XeUwDZb0H8tr0DINT0JzbkgYNSds1Zvr3MYCBz_A8zPfCCX8vFprUc8LQQ
.shefinds.com/ Name: _ga
Value: GA1.2.1789139906.1693794608
.shefinds.com/ Name: _gid
Value: GA1.2.723450144.1693794609
.shefinds.com/ Name: _gat_pmcBoomerang
Value: 1
.liadm.com/ Name: lidid
Value: 2cb0d09f-970d-456e-be4b-50f8818385a0
.rkdms.com/ Name: sessionid
Value: h-8fd26a32edfa9a361fe17715c83ae857_t-1693794608
.scorecardresearch.com/ Name: UID
Value: 1642acb73c72fa3a21434e61693794608
www.shefinds.com/ Name: ntvSession
Value: {"id":6856509,"placementID":1095776,"lastInteraction":1693794608840,"sessionStart":1693794608840,"sessionEndDate":1693821600000,"experiment":""}
www.shefinds.com/ Name: _ntv_uid
Value: 2abeedff-f0d9-4697-a17f-9a9623ab22db
.shefinds.com/ Name: _hjSessionUser_368258
Value: eyJpZCI6IjIwZThkMTZhLTdiMzUtNWVjNS1hNWYyLTFlOGFkNTVlNWU3MiIsImNyZWF0ZWQiOjE2OTM3OTQ2MDg4ODYsImV4aXN0aW5nIjpmYWxzZX0=
.shefinds.com/ Name: _hjFirstSeen
Value: 1
.shefinds.com/ Name: _hjIncludedInSessionSample_368258
Value: 0
.shefinds.com/ Name: _hjSession_368258
Value: eyJpZCI6IjEwMDY4ZWJmLTE0ZGQtNGEyMi1hYWQ2LWIzNzYxMjllMjBjNSIsImNyZWF0ZWQiOjE2OTM3OTQ2MDg4ODcsImluU2FtcGxlIjpmYWxzZX0=
.quantserve.com/ Name: mc
Value: 64f54130-d5a8b-52d49-48a62
.postrelease.com/ Name: ver
Value: 1
.shefinds.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
www.shefinds.com/ Name: flipp-uid
Value: 360bc6e7-ada9-4f46-ae29-aed96e573ae7
.shefinds.com/ Name: permutive-id
Value: b10f1680-a6f7-4e6e-8f05-6311e1399ca3
.spot.im/ Name: device_uuid
Value: 0d352daf-04c4-4bf7-b665-23cc0cfe7134
.3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co/ Name: pxid
Value: 2103e144-531a-4df7-b2a7-3508f0730bfb
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%22%7D
.shefinds.com/ Name: __gads
Value: ID=f4365ba33414e7f6:T=1693794608:RT=1693794608:S=ALNI_MazNz2hq7EamHvgy9Von-nafnO9QQ
.shefinds.com/ Name: __gpi
Value: UID=000009fc561c41f6:T=1693794608:RT=1693794608:S=ALNI_MbKlL1TgVc1-vhqOeuMOl23b4vyjg
.shefinds.com/ Name: __qca
Value: P0-689168086-1693794608050
.p.flipp.com/ Name: gid
Value: "EopyCQAMomFHb/LmImpIgw=="
.shefinds.com/ Name: _sp_ses.20dc
Value: *
.shefinds.com/ Name: _sp_id.20dc
Value: 62e3d955-cd58-416d-8e7c-01853b1d17ff.1693794610.1.1693794610.1693794610.9f5b1e24-6847-4a86-8f02-6bddbd47e406
.criteo.com/ Name: uid
Value: 7919c3fc-c7fb-4cfb-a3b1-4120d680e18a
ads.bidstreamserver.com/ Name: AVPUID
Value: a9a33b8e3a70c753a3162b05e9875080
www.shefinds.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.shefinds.com/ Name: _lr_retry_request
Value: true
www.shefinds.com/ Name: _lr_env_src_ats
Value: false
.pippio.com/ Name: did
Value: ZX4fGYQkH8XUXBDC
.pippio.com/ Name: didts
Value: 1693794611
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CLOC1acGEgYIgr0rEAA=
.viglink.com/ Name: vglnk.Agent.p
Value: 77fe38b6038d847d6ee7e82402330055
.linkedin.com/ Name: li_sugr
Value: 93c08194-3d91-46a2-80fc-731e86df6a32
.linkedin.com/ Name: bcookie
Value: "v=2&250ad5e7-6657-415e-8392-94f02145f72d"
.linkedin.com/ Name: lidc
Value: "b=OGST02:s=O:r=O:a=O:p=O:g=2998:u=1:x=1:i=1693794611:t=1693881011:v=2:sig=AQEuB0R5W0Cgn0KpI59rgEHBnkBh1waU"
www.shefinds.com/ Name: _lr_geo_location
Value: US
www.shefinds.com/ Name: _lr_geo_location_state
Value: NY
.justpremium.com/ Name: jpxumaster
Value: r-f3412c69-cbae-4c6a-90f9-9d209ed75f92-158832-168593113
.justpremium.com/ Name: jpxsession
Value: r-396c8570-9e05-42ce-93d9-0bcd4c00af97-158832-168657498
.justpremium.com/ Name: jpxuuid
Value: r-c523c23d-85ee-407e-a00c-a273ad22395c-158832-168693042
.justpremium.com/ Name: 119344_446567
Value: 0_0_0
.justpremium.com/ Name: 119344_446570
Value: 0_0_0
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: vst
Value: u_0bf2bdef-6a6e-425f-bda4-fe041801fa71
.lijit.com/ Name: ljt_reader
Value: HQzWZQZHTprevADoQOeL11M1
.kargo.com/ Name: ktcid
Value: f6ca235b-d843-015c-1e47-a5606cdca03c
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.a-mo.net/ Name: amuid2
Value: c38e02b2-2b01-4a8f-865b-88eb3fbaa415
.prebid.a-mo.net/ Name: sd_amuid2
Value: c38e02b2-2b01-4a8f-865b-88eb3fbaa415
.undertone.com/ Name: UTID
Value: 240ab8accf13429baf1eb69921bd87db
.undertone.com/ Name: UTID_ENC
Value: 24td0frjcg4v9teczygazdi3f
.seedtag.com/ Name: st_uid
Value: b3de416f-ef0b-48fa-ac86-365569b4d0d4
.seedtag.com/ Name: st_ssp
Value: Y291bnRyeV9uYW1lPVVuaXRlZCBTdGF0ZXMmY291bnRyeV9pc28yPVVTJmNvdW50cnlfaXNvMz1VU0EmcmVnaW9uX25hbWU9TmV3IFlvcmsmcmVnaW9uX2lzbzI9TlkmY2l0eV9uYW1lPUJ1ZmZhbG8mbG9uZ2l0dWRlPS03OC44OTI3JmxhdGl0dWRlPTQyLjg4NjcmbWV0cm89NTE0JnppcD0xNDIwMg==
.yahoo.com/ Name: A3
Value: d=AQABBDRB9WQCEGWngoVRBqSQ7-nR72IRbOoFEgEBAQGS9mT_ZNxH0iMA_eMAAA&S=AQAAAqPOXUGCuamKmWSCxAK1-ME
www.shefinds.com/ Name: TAPAD
Value: %7B%22id%22%3A%228e2caf9b-fd50-48f6-9c1b-7bd6ae71cd21%22%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: bb2ddcc4c0609da514c394ec081f81fd
.shefinds.com/ Name: _cc_id
Value: bb2ddcc4c0609da514c394ec081f81fd
.shefinds.com/ Name: panoramaId_expiry
Value: 1693881013404
.smaato.net/ Name: SCM
Value: e5563551d8
.smaato.net/ Name: SCMaps
Value: e5563551d8
.lijit.com/ Name: ljtrtbexp
Value: eJyrVrIwULIyNLM0NTAwMTI01lGyNEflWxij8c3Q1Jsg82sBlmgQOA%3D%3D
.smartadserver.com/ Name: pid
Value: 990277896830277133
.contextweb.com/ Name: V
Value: y2aI2Ueo8q3c
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 821457ce52ef2443
.openx.net/ Name: i
Value: 55a97d1d-03ea-0ad2-028d-aa26c4104e16|1693794613
.admanmedia.com/ Name: admtr
Value: c71bb500-7d1c-4182-b47d-bb1d4ea32a08
.simpli.fi/ Name: suid
Value: C14E48D5177140E2A6F7C142966EB206
.minutemedia-prebid.com/ Name: wrvUserID
Value: U2evU2M-Cp_mm
.turn.com/ Name: uid
Value: 3723847017943428256
.3lift.com/ Name: tluid
Value: 4187545677285024608258
.media.net/ Name: visitor-id
Value: 3367962136634934000V10
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.blismedia.com/ Name: b
Value: 64F54135CB651D785D3403B7BLIS
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZPVBNgANs6j7wQAb
.bidswitch.net/ Name: c
Value: 1693794614
.bidswitch.net/ Name: tuuid_lu
Value: 1693794614
.outbrain.com/ Name: obuid
Value: e9edcd6a-d276-4941-9980-64c066b551b6
.360yield.com/ Name: tuuid_lu
Value: 1693794614
.360yield.com/ Name: tuuid
Value: cf3d1abc-8c5c-4479-a90c-615ee6ecc762
.deepintent.com/ Name: CDIUSER
Value: di_a1f61cad865644a2aaed7
.advertising.com/ Name: A3
Value: d=AQABBDZB9WQCEOkful94vh_wTMfJKVSFPR4FEgEBAQGS9mT_ZNxH0iMA_eMAAA&S=AQAAAqITv4ZxoUWmP05yLrY3AxY
.omnitagjs.com/ Name: ayl_visitor
Value: d99fc1948fa396f0fdd7e4c9f13a0c3a
.bidswitch.net/ Name: tuuid
Value: 54d10197-cb46-413a-91f9-8e6ea8d9de90
.casalemedia.com/ Name: CMID
Value: ZPVBNe7xTpdYaMRGxHT2EAAA
.casalemedia.com/ Name: CMPS
Value: 468
.casalemedia.com/ Name: CMPRO
Value: 468
.ads.yieldmo.com/ Name: re_sync
Value: unl%3D1177086%7Ct%3D1177086%7Cdv360%3D1177086%7Cpub%3D1177086%7Can%3D1177086
.sitescout.com/ Name: ssi
Value: 114017e0-4825-40b1-8ed4-49415eca2f63#1693794614123
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1cb89387-68b2-5299-7f97-b3590a1ca813.Hj1CN3eB4bMuMqzSjolWhXCjIOt4kqoOzY8ZzKw%2B2MU
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-1cb89387-68b2-5299-7f97-b3590a1ca813.Hj1CN3eB4bMuMqzSjolWhXCjIOt4kqoOzY8ZzKw%2B2MU
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHLiTh2iyUpl_l7NZChyoE2AJ-S0.Ga5j%2BrHWkt4gfaJpLUdmS3peiReQWj%2FMsadveOMsCoM
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AHLiTh2iyUpl_l7NZChyoE2AJ-S0.Ga5j%2BrHWkt4gfaJpLUdmS3peiReQWj%2FMsadveOMsCoM
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOPy9RwmqbzZgJQf5n_DVj1_sigY0XPXFVGoYyoQtRSAEHwYBCC2gtWnBjABOgRDMKv5QgTkiIva.VNOfowH%2FUXu6c8shPEoRUK%2FhbcE0I6eC8TCBoeW1kEI
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIOPy9RwmqbzZgJQf5n_DVj1_sigY0XPXFVGoYyoQtRSAEHwYBCC2gtWnBjABOgRDMKv5QgTkiIva.VNOfowH%2FUXu6c8shPEoRUK%2FhbcE0I6eC8TCBoeW1kEI
.ipredictive.com/ Name: cu
Value: 9be4ed3c-c4eb-4966-94aa-5a7f63709496|1693794614133
.mfadsrvr.com/ Name: tuuid
Value: ad3c3e1d-5562-463a-9909-5fe7873052b0
.mfadsrvr.com/ Name: c
Value: 1693794614
.mfadsrvr.com/ Name: tuuid_lu
Value: 1693794614
.creativecdn.com/ Name: ts
Value: 1693794614
.creativecdn.com/ Name: u
Value: BfCE3hDnG2SOJFTOP3fi
.yieldmo.com/ Name: yieldmo_id
Value: 3Rc7sqqnn7qxF4WMAfRB%7C1693785600000%7C0
.zemanta.com/ Name: zuid
Value: tBqhGL_SEgdE6TJQpXUm
.technoratimedia.com/ Name: tads_uidp_88
Value: 4615069427655407452097
.technoratimedia.com/ Name: tads_uidp_44
Value: LM496KS1-1S-L5YC
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_46
Value: 1589131896659820271
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_49
Value: AQELOZhnzTp2yQJMCS5RAQEBAQE
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_50
Value: 3af0f6af-ae50-4323-affc-1024f6fe97ae
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-404d9ff1-0937-4322-a398-465c412085d4-005
.technoratimedia.com/ Name: tads_uidp_77
Value: s7VXlt3DW1UuqwQrmsXerLnWLIjKAf2X2MY8BWzPSEI
.technoratimedia.com/ Name: tads_uidp_79
Value: 769ccb13-8efa-48d5-8e82-a31f28b8379f
.technoratimedia.com/ Name: tads_uidp_37
Value: f9adef75-5298-3b17-8b7d-3d999bc725ae
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_7
Value: 965e1a7d-2e7e-4479-8d0c-a94bb2e46f6c
.technoratimedia.com/ Name: tads_uidp_80
Value: y-zn6lpSFE2uEH8J7JtyFPnnFoV89Hw70P~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZPU.noocDKfEp0t0SfkhqwAA&1351
.technoratimedia.com/ Name: tads_uidp_61
Value: 212258620937521
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uidp_62
Value: 3367955506634972000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: W5BFCOXHMFq4urrHHBABzMXkCcF3JDRt
.technoratimedia.com/ Name: tads_uid
Value: 82F235EFF1234674BB5C958FB6785F44
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230827170929+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1687042535605
.yellowblue.io/ Name: wrvUserID
Value: wTUvU2M-kp_s
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.bfmio.com/ Name: __106_cid
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.socdm.com/ Name: SOC
Value: ZPVBNsCo8YsAANAJGzcAAAAA
.openx.net/ Name: univ_id
Value: 537072971|3175ac58-0d9d-47aa-b429-d8f42e050f30|1693794614544649
.bfmio.com/ Name: __157_cid
Value: y-ckVmJTJE2pKi4v2wCdSfjOoWXITkVl9TAwcsDQKOsw--~A
.bfmio.com/ Name: __169_cid
Value: 3723847017943428256
.bfmio.com/ Name: __io_cid
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.33across.com/ Name: 33x_ps
Value: u%3D212166994878779%3As1%3D1693794614398%3Ats%3D1693794614398
.bluekai.com/ Name: bku
Value: ikG99ejO2VEmDuLk
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-4f867a1b-6879-32bb-80d3-9cd54c47b89c
.adgrx.com/ Name: ADGRX_UID
Value: fae2f914-4aca-11ee-872e-d4bc0acdf791
.sharethrough.com/ Name: stx_user_id
Value: cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
.server.cpmstar.com/ Name: USER_ID
Value: %da%b5%ea%40%af%a0%84%09%a5%5cy%ec%12%e55
.mathtag.com/ Name: uuid
Value: d0a664f5-4137-4e00-931c-0b407a189fe2
.krxd.net/ Name: _kuid_
Value: PxmqKPZY
.demdex.net/ Name: demdex
Value: 48096718709407920331769723118062651737
.spotim.market/ Name: vmuid
Value: afb42d02c4c3c298
.spotim.market/ Name: a271858
Value: 2535980227366638075
.spotim.market/ Name: a290146
Value: y-i9UQTq5E2uELVMrWy5FC9mIv3yPy6I5T~A
.addthis.com/ Name: ouid
Value: 64f5413700017363a44e04d780d05ba4348037ccdead7be64d06
.addthis.com/ Name: uid
Value: 64f54137376f3f2b
.addthis.com/ Name: na_id
Value: 2023090402301540400674715496
.bfmio.com/ Name: __187_cid
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.media.net/ Name: data-ris
Value: {{APID}}~~25
.ads.yieldmo.com/ Name: ptran
Value: 2535980227366638075
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
.ads.yieldmo.com/ Name: ptrt
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.dpm.demdex.net/ Name: dpm
Value: 48096718709407920331769723118062651737
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:C14E48D5177140E2A6F7C142966EB206&KRTB&23486-uid:C14E48D5177140E2A6F7C142966EB206&KRTB&23489-uid:C14E48D5177140E2A6F7C142966EB206
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECgGmkStI0186o2kh9a1bIk&KRTB&23025-CAESECgGmkStI0186o2kh9a1bIk&KRTB&23386-CAESECgGmkStI0186o2kh9a1bIk
.undertone.com/ Name: UID_EXT_54
Value: 114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
.undertone.com/ Name: UID_EXT_47
Value: LM49KSCX-B-B1NA
.undertone.com/ Name: UID_EXT_56
Value: y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
.undertone.com/ Name: UID_EXT_46
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.undertone.com/ Name: UID_EXT_39
Value: cd682563-aac2-0946-32de-7d09579b5db9
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-3175ac58-0d9d-47aa-b429-d8f42e050f30&KRTB&22918-3175ac58-0d9d-47aa-b429-d8f42e050f30&KRTB&23031-3175ac58-0d9d-47aa-b429-d8f42e050f30
.undertone.com/ Name: UID_EXT_57
Value: ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
.bing.com/ Name: MUID
Value: 259DB3C8CF0765721CFFA04ACE65640C
.c.bing.com/ Name: MR
Value: 0
.ads.yieldmo.com/ Name: ptrunl
Value: RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
.undertone.com/ Name: UID_EXT_53
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.bfmio.com/ Name: __181_cid
Value: 114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3723847017943428256&KRTB&23150-3723847017943428256
.contextweb.com/ Name: ccpa
Value: 1---
.exelator.com/ Name: EE
Value: "902c7b8ae5b1179234539a80b97cd803"
.ads.yieldmo.com/ Name: ptrpub
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.clientgear.com/ Name: mkuuid
Value: mkd002e9cdf4304d528c3cc18839fc8eac
.tynt.com/ Name: uid
Value: OsdIZmT1QTlOQtURML83zw==
.sportradarserving.com/ Name: zuuid
Value: 2bdc259d-04e5-4b52-a832-28365078b2a0
.sportradarserving.com/ Name: c
Value: 1693794617
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHSwCjZPMkiMdU0ydDQ3NLI2MTU2DLRwiDJ0jw5xcLAeHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6otDgxUUpaQyLSopPBR%252FVZwYAdB4pIA%253D%253D"
.company-target.com/ Name: tuuid
Value: edee8b52-66cf-4865-b85b-7a92b8bcf9d0
beacon.lynx.cognitivlabs.com/ Name: UID
Value: e5cf3b29-2099-4e63-9375-b14659614e64
.mookie1.com/ Name: id
Value: 10594155179152629092
.mookie1.com/ Name: mdata
Value: 1|10594155179152629092|1693794617823
.mookie1.com/ Name: ov
Value: b23e25a8b444d4fcf9f25a85adf331b3
.adx.opera.com/ Name: UID
Value: OPU641abfc9db6847f0ab54e557609fb367
.creative-serving.com/ Name: tuuid
Value: e41e7122-527b-422a-9179-0dca1a6ecede
.creative-serving.com/ Name: c
Value: 1693794617
.richaudience.com/ Name: pdid
Value: 3cef9c40-0887-435c-b965-1zz1693794609
.postrelease.com/ Name: status
Value: 1
.sportradarserving.com/ Name: zuuid_lu
Value: 1693794618
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1693794618
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnX4XCY5r9eggCJy96RLLLKvw85mcsQLV6e_M7uedwxqZCGcDMkPNoKXj0lbMC0
.admixer.net/ Name: am-uid
Value: 1882bd9c06394597afd765bbe1527374
.smilewanted.com/ Name: sw_user_params_infos
Value: lRZ4%2B4BjGB75GCG4angrK2fJCZE2fag4wJLcjOyIcsMqfMfpJ%2Bjjpnak7w4A8upzB0ez%2FngDZp4l9P6xMOt%2B57%2BijuiniMxtRvd%2Bz%2FHXSn8quBPOzEoqIVuxjhRTRAxP6PcvRbVgtkyqXnnnfoUpoQ%3D%3D
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_fa62105b-1ea0-43c2-a9ed-ad988e2eedd1
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAMo9ZT9AiwLAN9sdcnAAAAAAA&KRTB&22713-AAAMo9ZT9AiwLAN9sdcnAAAAAAA&KRTB&22715-AAAMo9ZT9AiwLAN9sdcnAAAAAAA&KRTB&23519-AAAMo9ZT9AiwLAN9sdcnAAAAAAA
.bidr.io/ Name: bito
Value: AACX7E7J6oIAACoiJc0fIg
.bidr.io/ Name: bitoIsSecure
Value: ok
.creative-serving.com/ Name: tuuid_lu
Value: 1693794618
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYzM4ZTAyYjItMmIwMS00YThmLTg2NWItODhlYjNmYmFhNDE1IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MTguNzkyMDM2MDMzWiJ9fX0=
.a-mx.com/ Name: amuid2
Value: c38e02b2-2b01-4a8f-865b-88eb3fbaa415
.taboola.com/ Name: t_gid
Value: 68f45103-968d-4089-82b0-411437736996-tuctbeec6ba
.pubmatic.com/ Name: SyncRTB3
Value: 1695081600%3A35%7C1696377600%3A224%7C1694995200%3A238_71_104_220_233_56_54_239_3_165_178_234_214_250_46_204_81_166_176_99_13_55_5_96_243_8_48_22_249_21_231_240_264%7C1694390400%3A15_38_223_2%7C1698969600%3A69%7C1694649600%3A63
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-9be4ed3c-c4eb-4966-94aa-5a7f63709496&KRTB&23011-9be4ed3c-c4eb-4966-94aa-5a7f63709496&KRTB&23355-9be4ed3c-c4eb-4966-94aa-5a7f63709496
.prebid.a-mo.net/ Name: _sv3_6
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.adform.net/ Name: uid
Value: 640113117700930142
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: e2796388-aa83-53f7-8a8c-6ae8ee792bd3
.shefinds.com/ Name: _pubcid
Value: d97c4339-b959-448c-8222-96c0c7a2480c
.spotim.market/ Name: a644680
Value: 4187545677285024608258
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-fae2f914-4aca-11ee-872e-d4bc0acdf791&KRTB&23275-fae2f914-4aca-11ee-872e-d4bc0acdf791
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g&KRTB&19420-go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g&KRTB&22979-go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g&KRTB&23403-go-ic4CK93aZ3_EnjNnpc4bf8H-Zj_wngolFna6g
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_a1f61cad865644a2aaed7
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2535980227366638075&KRTB&23339-2535980227366638075
.spot.im/ Name: access_token
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6IiIsInZlcmlmaWVkIjpmYWxzZSwidXNlcl9pZCI6InVfWHFWU21IcVMzbWhwIiwiZGlzcGxheV9uYW1lIjoiR29sZFNlYWhvcnNlIiwidXNlcl9uYW1lIjoiR29sZFNlYWhvcnNlIiwicmVnaXN0ZXJlZCI6ZmFsc2UsImltYWdlX2lkIjoiI0dvbGQtU2VhaG9yc2UiLCJyb2xlcyI6W10sInNzb19kYXRhIjpudWxsLCJwcm92aWRlcnMiOm51bGwsInJlcHV0YXRpb24iOnt9LCJzcG90X2lkIjoic3BfQmJ5bGdTYksiLCJsYXN0X2NoZWNrIjoxNjkzNzk0NjEzLCJ2ZXJzaW9uIjoyLCJ4LXNwb3RpbS10b2tlbiI6IjAxMjMwOTA0MzZVVEVaLjYwY2EwNzI0MzkwMjZhYWJiOTJlNWEwY2VhZmU3ZGI3YTJmNjkxYWY1MzM1OGMwZDM5Zjc5YjMzY2FkZjQ1MzMiLCJwZXJtaXNzaW9ucyI6bnVsbCwic3BvdGltLWRldmljZS12MiI6ImRfak5iQnVqbEpGVnJGbkxJem9qaHEiLCJuZXR3b3JrIjp7Im5ldHdvcmtfaWQiOiJzcG90aW0iLCJuZXR3b3JrX25hbWUiOiJzcG90aW0iLCJuZXR3b3JrX2ltYWdlX2lkIjoiaWNvbi1zcG90aW1fMnhfbXBzbnRrIiwibmV0d29ya19jb2xvciI6IiMzMDdGRTIifSwic3BvdF9uYW1lIjoiIiwiZG9tYWluIjoiIiwicm9sZXNfbnVtYmVyIjowLCJ0ZW1wX3VzZXIiOmZhbHNlLCJleHAiOjE3MjIyMTY2MTMsInN1YiI6InVfWHFWU21IcVMzbWhwIn0.DyXOAZDGk1SMseij3V3pEHaBohLQvabb42YgXQ7-ZSE
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.richaudience.com/ Name: avcid-sov-uid
Value: HQzWZQZHTprevADoQOeL11M1
.spotim.market/ Name: a482928
Value: bfdbcd8b-13f2-06cc-33d7-a2db216cbf66
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3MjY2NzAwMTY0shDiM9QtSPb18slxzCkNCnAHAGSjCbMlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQwNDYwNTA3MjY2NzAwMTY0shDiM9QtSPb18slxzCkNCnAHAGSjCbMlAAAA
.richaudience.com/ Name: avcid-bsx-uid
Value: AACX7E7J6oIAACoiJc0fIg
.richaudience.com/ Name: avcid-smw-uid
Value: de826e317f70a0b3dfe489aa3aeab830
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACX7E7J6oIAACoiJc0fIg
.richaudience.com/ Name: avcid-ont-uid
Value: PwfHdyU0ZcLOOGtQfSftrVZzAMZEcisJMrNaJBITPSM
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R35CA5_10874D1AA_4C1A5CCE&KRTB&23092-R35CA5_10874D1AA_4C1A5CCE
a.clickcertain.com/ Name: _ccpx_u
Value: 01940ca9%2d0576%2d4940%2d949a%2d9d054abfc25a
.aniview.com/ Name: aniC
Value: 1693794619884-964393778739-001213-003-001685
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1813050723370043128
.pubmatic.com/ Name: DPSync3
Value: 1694995200%3A236_256_259_262_260_258_263_201_261_245%7C1694822400%3A257%7C1694390400%3A265_252_253%7C1693872000%3A255_248
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&KRTB&23413-A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&KRTB&23479-A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&KRTB&23505-A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-HLiTh2iyUpl_l7NZChyoE2AJ-S0&KRTB&23334-HLiTh2iyUpl_l7NZChyoE2AJ-S0&KRTB&23417-HLiTh2iyUpl_l7NZChyoE2AJ-S0&KRTB&23426-HLiTh2iyUpl_l7NZChyoE2AJ-S0
.acuityplatform.com/ Name: auid
Value: 822877106412
ads.playground.xyz/ Name: connect.sid
Value: s%3AnBZvfqz5DY14i1VLR3NKs4rdNoO0sczS.BKSFEb2TW94IVRtHD0C9BRwKa2fVhj%2FbWzeTXX%2Fw6Cg
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU641abfc9db6847f0ab54e557609fb367&KRTB&23485-OPU641abfc9db6847f0ab54e557609fb367
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-e5cf3b29-2099-4e63-9375-b14659614e64&KRTB&23340-e5cf3b29-2099-4e63-9375-b14659614e64&KRTB&23498-e5cf3b29-2099-4e63-9375-b14659614e64
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-822877106412&KRTB&23428-822877106412
.w55c.net/ Name: wfivefivec
Value: F06qlvKX1QCZm45
.inmobi.com/ Name: idsp_c
Value: 26c6c033-d97e-49a0-be28-26a6939408b0
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:F06qlvKX1QCZm45&KRTB&23421-uid:F06qlvKX1QCZm45
.owneriq.net/ Name: si
Value: Q7470810201041396218P
.owneriq.net/ Name: pmc
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: 57b10a06-895d-4b19-937b-e28030e81a4e.463008620
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005&KRTB&17107-RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
.c.appier.net/ Name: _auid
Value: aSNLhRAjA0awXQ-rPEH1ZA
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553&KRTB&23418-114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-aSNLhRAjA0awXQ-rPEH1ZA
.ads.stickyadstv.com/ Name: UID
Value: 67f88371642fb974ef46ebde1ff8a6
.go.sonobi.com/ Name: __uqc
Value: 1
.go.sonobi.com/ Name: __uin_iq
Value: 1
.go.sonobi.com/ Name: __uir_iq
Value: 21259820
.go.sonobi.com/ Name: __uin_z1
Value: 1
.go.sonobi.com/ Name: __uir_z1
Value: 21259820
.go.sonobi.com/ Name: __uin_tp
Value: 1
.go.sonobi.com/ Name: __uir_tp
Value: 21259820
.go.sonobi.com/ Name: __uin_th
Value: 1
.go.sonobi.com/ Name: __uir_th
Value: 21259820
.go.sonobi.com/ Name: __uin_ex
Value: 1
.go.sonobi.com/ Name: __uir_ex
Value: 21259820
.go.sonobi.com/ Name: __uin_a9
Value: 1
.go.sonobi.com/ Name: __uir_a9
Value: 21259820
.go.sonobi.com/ Name: __uin_i5
Value: 1
.go.sonobi.com/ Name: __uir_i5
Value: 21259820
ads.avct.cloud/ Name: uuid
Value: a7d3cd70-86de-48b7-a433-d7ee488fb1bf
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-640113117700930142&KRTB&23263-640113117700930142&KRTB&23481-640113117700930142
.aniview.com/ Name: 1_C_23
Value: 6aee4e26-3af0-036a-2493-7dba72640ec7
sync.aniview.com/ Name: 1_C_23
Value: 6aee4e26-3af0-036a-2493-7dba72640ec7
.aniview.com/ Name: 1_C_18
Value: HQzWZQZHTprevADoQOeL11M1
sync.aniview.com/ Name: 1_C_18
Value: HQzWZQZHTprevADoQOeL11M1
.aniview.com/ Name: 1_C_72
Value: 114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
sync.aniview.com/ Name: 1_C_72
Value: 114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
.aniview.com/ Name: 1_C_9
Value: 62dea72e53dc2e243a2a2635d13fb7b
sync.aniview.com/ Name: 1_C_9
Value: 62dea72e53dc2e243a2a2635d13fb7b
.aniview.com/ Name: 1_C_55
Value: 2535980227366638075
sync.aniview.com/ Name: 1_C_55
Value: 2535980227366638075
.aniview.com/ Name: 1_C_142
Value: cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
sync.aniview.com/ Name: 1_C_142
Value: cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
.aniview.com/ Name: 1_C_41
Value: 4187545677285024608258
sync.aniview.com/ Name: 1_C_41
Value: 4187545677285024608258
.aniview.com/ Name: 1_C_60
Value: 07f064bb-75b8-42f3-a993-2e9dec53f3bc
sync.aniview.com/ Name: 1_C_60
Value: 07f064bb-75b8-42f3-a993-2e9dec53f3bc
.a.usbrowserspeed.com/ Name: tuid
Value: 51afb2e6-9fea-4bf6-a7b2-0b8b7c21a724
.aniview.com/ Name: 1_C_200
Value: RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
sync.aniview.com/ Name: 1_C_200
Value: RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
.prebid.a-mo.net/ Name: _sv3_12
Value: 1
.aniview.com/ Name: 1_C_49
Value: 990277896830277133
sync.aniview.com/ Name: 1_C_49
Value: 990277896830277133
.w55c.net/ Name: matchcasale
Value: 5
.shefinds.com/ Name: _ga_SPS2TCRBW2
Value: GS1.1.1693794607.1.1.1693794621.0.0.0
.dotomi.com/ Name: DotomiTest
Value: 55fee6f9cdbb2394
.aniview.com/ Name: 1_C_42
Value: ZPVBNe7xTpdYaMRGxHT2EAAA&468
sync.aniview.com/ Name: 1_C_42
Value: ZPVBNe7xTpdYaMRGxHT2EAAA&468
.aniview.com/ Name: 1_C_80
Value: wTUvU2M-kp_s
sync.aniview.com/ Name: 1_C_80
Value: wTUvU2M-kp_s
.serverbid.com/ Name: CONSUMABLEID
Value: 2df8bf4b97fb4e89b8bf4b97fb8e8987
x.videobyte.com/ Name: vbxuid
Value: 1c36f547-eb8a-4237-b78b-3fac037da6c2
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQCDate
Value: 1693794621918
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: ADKUID
Value: A7298272160482644129
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1693816222224
.spotim.market/ Name: a281178
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.go.sonobi.com/ Name: _usd_shefinds.com
Value: 7d26b043-032b-4f53-aabb-2e291a2cd7fc
.go.sonobi.com/ Name: __uih
Value: 1
io.narrative.io/ Name: io.narrative.guid.v2
Value: ff7aa120-4aca-11ee-a591-0a3986670f6f
.dotomi.com/ Name: DotomiUser
Value: 712607205824788035$3$1098471412$$1
.richaudience.com/ Name: avcid-rub-uid
Value: LM49KSCX-B-B1NA
.smartadserver.com/ Name: csync
Value: 79:7919c3fc-c7fb-4cfb-a3b1-4120d680e18a|86:2535980227366638075|127:AACX7E7J6oIAACoiJc0fIg|135:TAM_OK|150:0
.rqtrk.eu/ Name: browser_id
Value: 1:5ea27b37-5ab5-4a46-912b-fecad6b65d58
.mookie1.com/ Name: syncdata_IOW
Value: 1
.aniview.com/ Name: 1_C_1
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
sync.aniview.com/ Name: 1_C_1
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.go.sonobi.com/ Name: __uin_yh
Value: y-9SKjUHJE2uHdSY5h9.sLV3z24Rvtf62x4f33r7w-~A
.go.sonobi.com/ Name: __uin_eb
Value: CAESEGYPohBaFxINW1b1RcxivxM||1
.go.sonobi.com/ Name: __uin_pp
Value: y2aI2Ueo8q3c
.go.sonobi.com/ Name: __uin_tl
Value: 4187545677285024608258
.go.sonobi.com/ Name: __uin_zt
Value: 1813050723370043128
.go.sonobi.com/ Name: __uin_td
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.go.sonobi.com/ Name: __uin_rh
Value: BfCE3hDnG2SOJFTOP3fi
.go.sonobi.com/ Name: __uin_vb
Value: 1c36f547-eb8a-4237-b78b-3fac037da6c2
.go.sonobi.com/ Name: __uin_ox
Value: 2d28fe46-7bb9-022a-2363-6be882013cae
.go.sonobi.com/ Name: __uin_an
Value: 2535980227366638075
.crsspxl.com/ Name: uid
Value: 4675803951937906561
.crsspxl.com/ Name: uuid
Value: 8edcf668-4833-47a6-9906-6484933f5a5c
.360yield.com/ Name: um
Value: !79,QeaOWs7mEvhBl.58Ej2gSY7oGknwgh6k9XG0qN6bTqpXHlBYxbL5kkSMvhH4yDeTp3XW6HxE.FY3ruuH,1701570623
.360yield.com/ Name: umeh
Value: !79,0,1756002623,-1
.shefinds.com/ Name: spotim_visitId
Value: {%22visitId%22:%220d352daf-04c4-4bf7-b665-23cc0cfe7134%22%2C%22creationDate%22:%22Sun%20Sep%2003%202023%2016:30:13%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)%22%2C%22duration%22:11}
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5930-2!5930-3!5930
.ads.stickyadstv.com/ Name: pxId
Value: 3281
.tremorhub.com/ Name: tvid
Value: f09af2ee640a40dca4da33678cd9354b
.spotim.market/ Name: a323551
Value: HQzWZQZHTprevADoQOeL11M1
.tappx.com/ Name: TXUSERID
Value: c2daf9e7-47e6-49b9-b795-e5324b079ad1f1a
.spotim.market/ Name: a323548
Value: 2535980227366638075
.go.sonobi.com/ Name: __uin_bw
Value: 54d10197-cb46-413a-91f9-8e6ea8d9de90
trace.mediago.io/ Name: __mguid_
Value: ee57f448535302e4cae242ff57a5b5b8
.spotim.market/ Name: a448580
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.aniview.com/ Name: 1_C_5
Value: LM49KSCX-B-B1NA
sync.aniview.com/ Name: 1_C_5
Value: LM49KSCX-B-B1NA
.spotim.market/ Name: a696268
Value: c38e02b2-2b01-4a8f-865b-88eb3fbaa415
.tremorhub.com/ Name: tvrg_60867
Value: 1,1693794624
.spotim.market/ Name: a309017
Value: 114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
.spotim.market/ Name: a748543
Value: cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-54d10197-cb46-413a-91f9-8e6ea8d9de90
.pubmatic.com/ Name: PugT
Value: 1693794623
.bluecava.com/ Name: lv
Value: 2023-09-04 02:30:24Z
.bluecava.com/ Name: acx
Value: dhttx|^YAn5LQ==|/GYU5e6s2wg=|$ipatx|^YAn5LQ==|2GcU5e6s2wg=|$lipx|^2023-09-04 02:30:24Z|$pt|^H4sIAEBB9WQA/wXCUQrAIAgA0Lv4L2Ra6k6xK5QVDHaAwdbdx3sveCtLvRpKWY7SJbD3oZjmiFDxRsHfeT3zhgMqW3Z2kixWk2ZKsH/Rj7/GQwAAAA==
.bluecava.com/ Name: idx
Value: dxx|^460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3|$mx|^d830a6c7-e084-4b93-aefa-14f0ce4e3fd9
.eqads.com/ Name: EQUser
Value: UID=bc246ce7-03e8-4515-9464-ed55fdde1a9c
.tappx.com/ Name: TXCSDMN_32
Value: 2535980227366638075
.adkernel.com/ Name: DSP2F_63
Value: 546302
.adkernel.com/ Name: DSP2F_40
Value: 631495
.tappx.com/ Name: TXCSDMN_13
Value: HQzWZQZHTprevADoQOeL11M1
.hash.qualia.id/ Name: hparg
Value: hpargdx|^460c0f1b-5ef5-4d14-b1af-cd7ef072b7e3|$ltu|^
.tremorhub.com/ Name: tvv
Value: 2
.spotim.market/ Name: a733068
Value: HQzWZQZHTprevADoQOeL11M1
.tappx.com/ Name: TXCSDMN_80
Value: cd8eb09c-63f1-47ac-90c7-54df7d53d1b0
.tappx.com/ Name: TXCSDMN_253
Value: cf3d1abc-8c5c-4479-a90c-615ee6ecc762
.fwmrm.net/ Name: _uid
Value: "o15f8_7274792520515949648"
.adtelligent.com/ Name: a281178
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.adtelligent.com/ Name: vmuid
Value: 8c142d02c463c298
.adtelligent.com/ Name: a323546
Value: ZPVBNe7xTpdYaMRGxHT2EAAA&468
.tappx.com/ Name: TXCSDMN_45
Value: 990277896830277133
.tappx.com/ Name: TXCSDMN_724
Value: e2796388-aa83-53f7-8a8c-6ae8ee792bd3
.tappx.com/ Name: TXCSDMN_28
Value: 4187545677285024608258
.tappx.com/ Name: TXCSDMN_50
Value: 640113117700930142
.tappx.com/ Name: TXCSDMN_108
Value: 3cef9c40-0887-435c-b965-1zz1693794609
.gammaplatform.com/ Name: _aGeoIp
Value: BR|Belo_Horizonte
.gammaplatform.com/ Name: _aUID
Value: xpnh5uy0e112
.tappx.com/ Name: TXCSDMN_1135
Value: OPU641abfc9db6847f0ab54e557609fb367
.spotim.market/ Name: a708476
Value: RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
.quantumdex.io/ Name: uid
Value: da0a1784-d8ab-4c85-ab15-f94d2b215e2b
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.tappx.com/ Name: TXCSDMN_728
Value: aSNLhRAjA0awXQ-rPEH1ZA
.tappx.com/ Name: TXCSDMN_76
Value: A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8
.media6degrees.com/ Name: clid
Value: 2s0fwaq0117187o3xpzkurax000000016u011001901
.media6degrees.com/ Name: acs
Value: 012020k1s0fwaqxzt10
.tappx.com/ Name: TXCSDMN_58
Value: 212166994878779
.clickagy.com/ Name: cb
Value: ZPVBQjv-Ym6xZtnfccc18Lbx
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-09-04 02:30:26"}]
.w55c.net/ Name: matchopenx
Value: 5
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22e3358483bc%22%2C%22f%22%3A1%2C%22ts%22%3A1693794626621%7D%2C%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1693794617703%7D%2C%7B%22p%22%3A%22632381c622%22%2C%22f%22%3A1%2C%22ts%22%3A1693794626621%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1693794617703%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1693794625181%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1693794617703%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1693794625181%7D%2C%7B%22p%22%3A%22a3ec099f1a%22%2C%22f%22%3A1%2C%22ts%22%3A1693794626621%7D%2C%7B%22p%22%3A%22b09a7ad68f%22%2C%22f%22%3A1%2C%22ts%22%3A1693794626621%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1693794625181%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1693794625181%7D%2C%7B%22p%22%3A%220f90caf3cf%22%2C%22f%22%3A1%2C%22ts%22%3A1693794626621%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1693794617703%7D%2C%7B%22p%22%3A%2295c591d034%22%2C%22f%22%3A1%2C%22ts%22%3A1693794626621%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1693794617703%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1693794625181%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1693794617703%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1693794625181%7D%5D
.adtelligent.com/ Name: a307682
Value: da0a1784-d8ab-4c85-ab15-f94d2b215e2b
.agkn.com/ Name: ab
Value: 0001%3AlH2lPi4n%2B4yXjmANOOSRv71VVHnBG6ax
.bluekai.com/ Name: bkdc
Value: phx
.smaato.net/ Name: SCMp
Value: e5563551d8
.tappx.com/ Name: TXCSDMN_52
Value: LM49KSCX-B-B1NA
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhbXgiOnsidWlkIjoiYzM4ZTAyYjItMmIwMS00YThmLTg2NWItODhlYjNmYmFhNDE1IiwiZXhwaXJlcyI6IjIwMjMtMTItMDNUMDI6MzA6MThaIn0sInRyaXBsZWxpZnRfbmF0aXZlIjp7InVpZCI6IjQxODc1NDU2NzcyODUwMjQ2MDgyNTgiLCJleHBpcmVzIjoiMjAyMy0xMi0wM1QwMjozMDoyNloifX0sImJpcnRoZGF5IjoiMjAyMy0wOS0wNFQwMjozMDoxOFoifQ==
.rezync.com/ Name: zync-uuid
Value: 209a5ed8-14b6-4395-918c-4da16d7955ba:1693794626.9884548
.admanmedia.com/ Name: ac_r
Value: CS63|CS71|CS112|CS181
.pxl.iqm.com/ Name: ttacross
Value: MTY5NTAwNDIyNzI0Ng==
.pxl.iqm.com/ Name: iqm.retarget.uid
Value: 5d5d937a-cdd5-4911-9e7d-07699aaba21c
.go.sonobi.com/ Name: __uir_i5td
Value: 91310257409910322
.go.sonobi.com/ Name: __uin_i5td
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByxWAMAgEwIvt4AvJ8lm7IWIjqdyZc8UcLPs6RbFdsGhCzVfQpd5Bs12POlcQPv1mJgz5A_3m3E06AAAA
.w55c.net/ Name: matchtriplelift
Value: 5
pbjs.e-planning.net/ Name: CT
Value: 1
live.rezync.com/ Name: sd-session-id
Value: .eJwNzDEOwyAMQNG7eA4VBhtsLhORwIDapFVIlka9exm_9PRvmD_12PJe9xPSeVx1gvXVRnVIN_T23eoTEqCgt2yj8z5aSx6dwG-CXntv731uZRhnNXMtYpCWYMgrG0VZDZWMoURlXnLCoD4qBRceKkJM4_MHmjolSg.ZPVBQw.HihoHDYRqOKrV7boihlxoyvJeGE
.e-planning.net/ Name: E
Value: ALIK8H7WfXEWEFoB
.prebid.a-mo.net/ Name: __amc
Value: 6_1693794612_1693794628
.go.sonobi.com/ Name: __uin_co
Value: 2df8bf4b97fb4e89b8bf4b97fb8e8987
.go.sonobi.com/ Name: __uir_pp
Value: 91310244525008436
.lijit.com/ Name: _ljtrtb_92
Value: 2535980227366638075
.go.sonobi.com/ Name: HAPLB8G
Value: s86102|ZPVBS
beacon.lynx.cognitivlabs.com/ Name: ss
Value: P%2FgcbTtN%2F0%2BWo5HpOx%2BGz8D5d%2Fop15EHcLWQIqOyMZMc7Ghxi83%2BuDbiYh1D5iftDuQO26MalJo%2BwcHxrmq89SQ9JmnaDYtgA7p6UcS6fb0%3D
.go.sonobi.com/ Name: __uir_co
Value: 91310265999844917
.go.sonobi.com/ Name: __uir_eb
Value: 91310244525008437
.go.sonobi.com/ Name: __uir_ox
Value: 91310244525008437
.go.sonobi.com/ Name: __uir_vb
Value: 91310244525008437
.go.sonobi.com/ Name: __uir_yh
Value: 91310244525008437
.go.sonobi.com/ Name: __uir_td
Value: 91310244525008437
.adkernel.com/ Name: DSP2F_61
Value: 634266
.go.sonobi.com/ Name: __uir_rh
Value: 91310244525008437
.lijit.com/ Name: _ljtrtb_5001
Value: bb2ddcc4c0609da514c394ec081f81fd
.semasio.net/ Name: SEUNCY
Value: 8CA5B871451F815D
.tappx.com/ Name: TXCSDMN_162
Value: RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
.lijit.com/ Name: _ljtrtb_85
Value: AACX7E7J6oIAACoiJc0fIg
.teads.tv/ Name: tt_viewer
Value: 5f27c1c3-89de-4671-996c-fe78886852d4
.tappx.com/ Name: TXCSDMN_1111
Value: A7298272160482644129
.adkernel.com/ Name: SSPZ
Value: 183045
.bfmio.com/ Name: __103_cid
Value: 54d10197-cb46-413a-91f9-8e6ea8d9de90
.bfmio.com/ Name: __103_exp
Value: 1
.bfmio.com/ Name: __bfio_sync
Value: A4CE0D2A959106E9CB9CE10B5F4C7E65
.betweendigital.com/ Name: ut
Value: ZPVBRgAJnPCwIJJSGK7Jn3np1hLEYfcNMZqmVw==
.tappx.com/ Name: TXCD
Value: 1693794630
.storygize.net/ Name: U
Value: 169e4ab0-16cf-492a-9c7d-27d482d88b2f
.ctnsnet.com/ Name: cid
Value: 77bb92bc82a4449c8d2bae1f60dd6263
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mnx|4is.0.CAESEIgnvoTzmM4Y6KdLZSovT0A|7TY.0|7LJ.0.07f064bb-75b8-42f3-a993-2e9dec53f3bc|2N.0.AAAMo9ZT9AivRgMbWMZcAAAAAAA|3oy.0|7bq.0.1|8nK.0.1|7br.0.1|7dN.0.AACX7E7J6oIAACoiJc0fIg|8i8.0.1|8o4.0.1
.mfadsrvr.com/ Name: ssh
Value: !outbrain,1693794631!sonobi,1693794628!triplelift,1693794627!bidswitch,1693794622!minutemedia,1693794614
.gammaplatform.com/ Name: _aCMR_1
Value: ""
.seedtag.com/ Name: st_cs
Value: 8GIhHH2Qu+PejMwY5w2034se7ClNNIz60IxkdAk3Kcd4jSgMe7sXh7rf6G4lUeZBYQpVSyqDA2fAsGkMm6weyUOAHA9v17pj9WOia1mWvocZxmM85u+FHhCY47sFhWJnJ2bWMDZX0v14MkkWmd+g/1kJH3c9ravSJdsSn6Usrpw+KZVkbGvR7l5s1xJmhb87dig39GdaC3HN1l7deG4554Ei3hQDLZ1EsdVOE8JZdowq7BIIPK4LzdpmeOB3IRaxx0INoT8hL4lKp3KoXruTgBuXjEqUuXERt6D5moX/tL+Tj/752y6EkGWBoDENuF5crBtK+epLggQlOSB3Y3wx4uPADO0HMppdz1qcOKBzJ54rxzM7VSGbPqjb4FoyNdWVaO7ZqFig62/PTxm3QUxlkMGYPCKq1peR0hb0Rl4VyCMWpbtkAgYS3+sgSpXgEir029O6pXdEAgMGhKrMRdMx9cP25ZTHjOCk01SinZRtgVxBdTQK07J5RktFQVvJV92yPaNModWLHBA3o8sAGTyAEM0wNz1PkOqZxMQi4HigU07vqjzuF1ymW+YhfzXVfihcfbmvoNwglYjcAGp6FtiwHkrNxC+3UmV6KP3+uK+3LgRxILAfC+0BPV0i7eRh0pJc+7PL7QIOxZ29IdVjSCjmjgZnf5om9n5Cgdbyh7SK8JT27kk6atPR02ES8RdDJZRgUZPYGR9N1PbTVA/fshJVufqWHvvSz1xKS4wlnFQWCr/pFzO0XZmml69Ke6LMFrFF/tKbqXTKLvk0Tln58+/y5m88uAXYmnfdoK8xyLJaPthbpJMVyxZtg8XRKtspjQcapb1a1F5hQTFd+2YsOVKCwRM0XO50mppFoNqFaEAJcehiTOA6an+bFr/0WBRJUhMUaSZ+2P7uY02/J8K4vV2IIPYKqTq5Nvw6COwjl0iY8EaQt26Gzb76zCbkFkFPBkCqwZsFT7Mn2zldCb8Zy2Ye8G6HI7uIaaMRDRTvy8S0KysoyC5FUaWa/tjyfOmxA1PE
.media.net/ Name: data-ayl
Value: d99fc1948fa396f0fdd7e4c9f13a0c3a~~3
.go.sonobi.com/ Name: __uir_tl
Value: 91310244525008439
.company-target.com/ Name: tuuid_lu
Value: 1693794631|ix:0|tlx:0
.ads.stickyadstv.com/ Name: uid-bp-41396
Value: 4187545677285024608258
.ads.stickyadstv.com/ Name: uid-bp-717
Value: y-Q8qys75E2oOHypELArHQkwrKOVnbiQg51UHa8SVK~A
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AACX7E7J6oIAACoiJc0fIg
.ads.stickyadstv.com/ Name: uid-bp-892
Value: 3175ac58-0d9d-47aa-b429-d8f42e050f30
.ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEMFMCvRJxhEVucABoPBOZe0
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZPVBNe7xTpdYaMRGxHT2EAAAAdQAAAIB
.ads.stickyadstv.com/ Name: MRM_UID
Value: o15f8_7274792520515949648
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: o15f8_7274792520515949648
.go.sonobi.com/ Name: __uir_bw
Value: 91310248819975735
.lijit.com/ Name: _ljtrtb_26
Value: 54d10197-cb46-413a-91f9-8e6ea8d9de90
.doubleclick.net/ Name: APC
Value: AfxxVi76yS2pS8wMEwkqlm74Jum7IDcAUlnhg92Yzi13kmUbrit9Gw
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XNqw0CQRRG4ZBgEWRDqGLI_ee-6WaWoSEkErkSSTlIqsAxi_zMOc_NDpbsKVYJ5K-VTY2W7c9MYH7vh0Git8krZdNrjwKZrQinlkRcivQG656qczuP6CkjRCXu0zg5czz-ncthnCo0P8eVyfEFJzca-boAAAA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005%22%2C%22nxtrdr%22%3Afalse%7D
.realestate.com.au/ Name: mid
Value: 6334236150857936966
.go.sonobi.com/ Name: __uir_zt
Value: 91310244525008439
.media.net/ Name: data-o
Value: 4e292bdb-016d-0fc5-3b14-1ca012d8ef37~~3
.mxptint.net/ Name: mxpim
Value: R35CA5_10874D1AA_4C1A5CCE.1.000000000000000064F5413B000000000000000064F54148
.getpublica.com/ Name: p_uid
Value: 0907cb80-ba31-4bec-990b-48e514cca794
.quantserve.com/ Name: d
Value: EIwBKgHvKfijCJiTCuu4EL7iDtqNEIzYIA
.tribalfusion.com/ Name: ANON_ID
Value: arnxnXNZaiMjAmemZbnQwbS9myS16yQAvv9Gp5i6rp3eUEbv4TaS3TAJr80AgX0crIIENj9MKiRX0MFk0rZaDrksTdD1ZaUHnZbD8LErTN6bxr3dW7lMZaTIPrrtCQYXRqEHaAPAVI
.adgrx.com/ Name: ADGRX_CM_FREEWHEEL_BRIDGED
Value: 1
.go.sonobi.com/ Name: __uir_an
Value: 91310244525008440
.realestate.com.au/ Name: External
Value: %2FTRIPLELIFT%3D4187545677285024608258%2F_EXP%3D1725330632%2F_exp%3D1725330632
.w55c.net/ Name: matchfreewheel
Value: 5
.lijit.com/ Name: _ljtrtb_16
Value: 114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553
.adnxs.com/ Name: anj
Value: dTM7k!M4/Ad<-p'ghqdmU(7RtgKy1w!c6^R?MY<u_w9*Wf#J7/0)AC1X7oY*Exk-YDY[peEs%u>TfMn/DT5[%q3@>M%(2K:$doY:Rl$HlL@dwEe^TR]:W0*a:W-kAalI:PFyCU*<a/_U[Gg-H<Zw=RP<K%f.@%KG66s8TaEZ(P2c0ue=`4k.RD`f7R*mK*2@!:W#>icx)jw_E!!+PM2l><v
.thrtle.com/ Name: sc
Value: eyJpIjoiYTA0MDI0MWMtY2MwZS00MTgyLWI3NjctMzQyN2NjZTllODg3Iiwic2lkIjoic2lkLTA1ZDk2ZTYyLTRhY2ItMTFlZS1hM2MxLTAyNDIwYWZmMDEzZCIsIm1zIjoxLCJwcyI6MSwic3AiOjUwMTUsInBwIjoxLCJ0c2UiOjEsImx0c2UiOjE2OTM3OTQ2MzI4NTd9
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5Mzc5NDYyMDA4NSwiNzkiOjE2OTM3OTQ2MTQ1ODYsIjI0IjoxNjkzNzk0NjE4NzU0LCIyNiI6MTY5Mzc5NDYyNzI5MywiMzkiOjE2OTM3OTQ2MTQ1ODYsIjE3IjoxNjkzNzk0NjI1OTk1LCI3IjoxNjkzNzk0NjE0NTg2LCI4MCI6MTY5Mzc5NDYzMzIzOCwiODEiOjE2OTM3OTQ2MjUwODIsIjc0IjoxNjkzNzk0NjI0NTQ3LCI2NCI6MTY5Mzc5NDYyNTAzNH0
.as.ck-ie.com/ Name: CID
Value: 6a20a955cdf0ae1de3cb06c931011c11b3f5c7d9
.rlcdn.com/ Name: pxrc
Value: CLGC1acGEgUI6AcQABIFCOhHEAASBgiw6gEQExIGCLbqARAMEgYIuuoBEAgSBgi86gEQExIGCMLqARALEgYI8uoBEBgSBgi46wEQBhIGCOrcKhAQEgYI190qEBQSBgiktysQDw==
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 21
.aniview.com/ Name: 1_C_24
Value: 54d10197-cb46-413a-91f9-8e6ea8d9de90
sync.aniview.com/ Name: 1_C_24
Value: 54d10197-cb46-413a-91f9-8e6ea8d9de90
.acuityplatform.com/ Name: aum
Value: OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRRdAbRiYmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUXQG0YmI90aGlyZFBhcnR5VXNlcklkIfuAOPpC0EMlAUUXQG9chkQlAUUXQG9chkUh+4EyM/pCJK5DJQFFF0BwBLREJQFFF0BwBLRFVTQxODc1NDU2NzcyODUwMjQ2MDgyNTj7gTIy+kIkrEMlAUUXQHA1skQlAUUXQHA1skVjZjhlNTBmZjktMDZlYS0wMzNmLTAyOTUtODg1MzEwOTM0NWVj+/uGdmVyc2lvbsL7
.adhaven.com/ Name: uid
Value: 4c_d310d0c3-9c84-4ec9-b774-cedfdb0bae3f
.pubmatic.com/ Name: SPugT
Value: 1693794633
.owneriq.net/ Name: p2
Value: oxc
.owneriq.net/ Name: oxc
Value: 1
.onetag-sys.com/ Name: OTP
Value: 5ZTisQ7AwUg99XShrx87XAMMSY0rz1jikP58tAqOuuM
pool.admedo.com/ Name: tuuid
Value: be9ad483-e088-4267-a345-03c46e0ae8c9
pool.admedo.com/ Name: c
Value: 1693794633
.sundaysky.com/ Name: sskyu
Value: d6.a578a0594ed8463abced9985b60a096e
.sundaysky.com/ Name: sskyCreationTime
Value: 1693794634009
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.aniview.com/ Name: 1_C_20
Value: t1ROgcMqtCvVjOomcUTWlmJsXWrOBQi7XCeiaulK1_0
sync.aniview.com/ Name: 1_C_20
Value: t1ROgcMqtCvVjOomcUTWlmJsXWrOBQi7XCeiaulK1_0
.brand-display.com/ Name: _knxq_
Value: 4fcf21a0-5429-cdf4-fa82b175.1693794621.1.1693794634.1693794621
www.shefinds.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%223175ac58-0d9d-47aa-b429-d8f42e050f30%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-04T02%3A30%3A33%22%7D
.shefinds.com/ Name: cto_bundle
Value: qXyqxF9Lcm93Y2RsV3gwTHR2JTJCZXEzU0RsTFdwVzdIUlklMkJDeURmZVNJUSUyRmclMkJ0NVd2c2gzaTBDRE9QSzZCRXRhaXdXViUyQmclMkZDJTJGNGJWbUU5JTJCNzNyV1lzQWcwUFlqJTJCY2glMkJBbCUyQjBSQVVRMXZlNmg3N1pTbXFlN0VSVlJDUXpmJTJCQkx6YUNybGVSWGwxRWw3N0Flb1Z0UTQlMkZBdXV6dyUzRCUzRA
.openx.net/ Name: pd
Value: v2|1693794613.11.1.6.1.1.1|vPvMgakWgy.iKbwuYhEgKg2.g6wvmmfYn8wDwtmKvJeSwrf8vuoqvRwi.hAvZnof4csvU.hMs7wwlwvDvE.t1rZvstpsvv5.eD
.shefinds.com/ Name: cto_bidid
Value: WsIVgl9oWHIyQ2V1bkRQeU5rVExpTXZGS1dtcnVoVTM5aHhab0dqZGJiYkFHaGklMkZNaWtiejMzWHVRQnUydERmaThRR1hiWHdpMWhWMHZOcG1FNVZRZEFRM2dIJTJGc0N5NUFwbUtzNG1MTkQzeEVGcUklM0Q
.sundaysky.com/ Name: sskya
Value: "e294Ont0czoiNDA2eG15Iix0OiJuaSJ9fQ=="
pool.admedo.com/ Name: tuuid_lu
Value: 1693794634
.justpremium.com/ Name: jpxumatched
Value: gg|ox
.lijit.com/ Name: ljtrtb
Value: eJxtkDluHDEQRe%2FSsQuoYq101j2jNjReZFgKJu3mYiuxDmD47iYVG2BAFF%2F9T7w%2FixLh8nERcw3krJTZM5oaLR8WjfG02nrVlTcw33eQqzCsexK4phz75vsl9pgsIg36PFOtpUhBw1wPJSmcpRUM6uPUQSYbnEolpOxQTjEQ4gMy9QzRrB1Rc20ZB0uTJRIkbwgSSUHwpIFVAclC2sqRujGYdB0xBqrKs8XHJpPrUTQARyKIHweckjLU6JIaKnaeLTEVfPkq%2BfPz5Q4bbPRtHeOcxjgpaw5MydnMOND1fQOnG%2FfeOE5Djhri1VrzFkkwMSPqO8n%2FzQ6datfL3R%2F8Zm%2BP4%2Fr2eivYH3%2FO5vn5H3c4uRcfPqGipWEpHIYCAjQW18I9a4dRNAOnqa1fHvjX9fen9Px021%2BevnN%2FXf7%2BA3pTcjo%3D
.lijit.com/ Name: _ljtrtb_76
Value: eaeb9c84-40d9-0f28-1fe7-d468d88642b9
.thrtle.com/ Name: mc
Value: eyJpZCI6ImIzOWJmNWY4LWFhZjctNGEwZS05ZGZmLTg5MjIxNGIyNWZmYyIsImwiOjE2OTM3OTQ2MzQzNDMsInQiOjd9
.id5-sync.com/ Name: id5
Value: 28fdd22b-1ee9-7509-871a-6bc69350ae97#1693794614161#12
.id5-sync.com/ Name: 3pi
Value: 2#1693794625188#-782617381#2535980227366638075|3#1693794627504#-800072533#d0a664f5-4137-4e00-931c-0b407a189fe2|165#1693794631896#1792774246|264#1693794617845#-556941831#3175ac58-0d9d-47aa-b429-d8f42e050f30|203#1693794631715#1166661675#7919c3fc-c7fb-4cfb-a3b1-4120d680e18a|1227#1693794632286#1980999577|108#1693794617025#1983160194|1228#1693794633437#1980999577|429#1693794624377#2135052793#A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8|434#1693794622449#1588980444|441#1693794623124#-118108341#u_0bf2bdef-6a6e-425f-bda4-fe041801fa71|1241#1693794631023#1980999577|1242#1693794628813#1980999577|826#1693794632735#-1978974490#114017e0-4825-40b1-8ed4-49415eca2f63-64f54136-5553|155#1693794625922#979219920#AACX7E7J6oIAACoiJc0fIg|987#1693794634376#109973433|796#1693794620841#575736620|124#1693794624180#-538842163|1245#1693794626854#1980999577|286#1693794619316#-1817904202|1246#1693794629717#1980999577
.id5-sync.com/ Name: callback
Value: https%3A%2F%2Fmatch.deepintent.com%2Fusersync%2F147%2Fstore%3Fid%3D%7BID5UID%7D
.eyeota.net/ Name: mako_uid
Value: 18a5e070ad2-5b420000010a47c6
.eyeota.net/ Name: SERVERID
Value: 18374~DM
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22112%22%3A%2220230904%22%2C%22113%22%3A%2220230904%22%2C%22147%22%3A%2220230904%22%2C%22140%22%3A%2220230904%22%2C%22108%22%3A%2220230904%22%2C%22141%22%3A%2220230904%22%2C%22142%22%3A%2220230904%22%2C%22126%22%3A%2220230904%22%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiExu68nL6WPBAFEhUKBmNhc2FsZRILCIivlfScvpY8EAUSFwoIcHVibWF0aWMSCwi4zLuAnb6WPBAFEhMKBGtydXgSCwik_YGp44uLPBAFEhIKA2FhbRILCIDNvY-dvpY8EAUSFgoHYmx1ZWthaRILCLrVk5KdvpY8EAUSFgoHc3Z4OXQ1MBILCK7_9YudvpY8EAUSGAoJYmlkc3dpdGNoEgsIuNuAn52-ljwQBRgBIAEoAjILCPCQguO0vpY8EAU4AVoGZXllb3RhYAI.
.seedtag.com/ Name: st_csd
Value: 1693794636220:1693794636220
.rlcdn.com/ Name: rlas3
Value: QIeWkWJnLLHu1fSnwsuur8DbJoopefbSuCJHUno2xHg=
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEoySklJTjZJNjAzsExJNDU0STa2NElNNrAwTAOiFAYgSPnq6AOioQAAbooLTQ%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI%2BeroA6SgAAAYSwHn"
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYWRueHMiOnsidWlkIjoiMjUzNTk4MDIyNzM2NjYzODA3NSIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjMyLjgyMTc1NDAwN1oifSwidW5ydWx5Ijp7InVpZCI6IlJYLWIzZmM3ZGRjLWQwNjItNDE4Ny04MjUxLTA2MzQ3NWMzZjk1Zi0wMDUiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjozMDozNC42NzIwNTgxNjNaIn0sImd1bWd1bSI6eyJ1aWQiOiJ1XzBiZjJiZGVmLTZhNmUtNDI1Zi1iZGE0LWZlMDQxODAxZmE3MSIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjMzLjQ2MTYxNjQwN1oifSwidW5kZXJ0b25lIjp7InVpZCI6IjI0dGQwZnJqY2c0djl0ZWN6eWdhemRpM2YiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjozMDozMy4yNDE3NzMwMDlaIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiNDE4NzU0NTY3NzI4NTAyNDYwODI1OCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjI3LjM1MjI0MDUzNloifSwiYW14Ijp7InVpZCI6ImMzOGUwMmIyLTJiMDEtNGE4Zi04NjViLTg4ZWIzZmJhYTQxNSIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjE4LjcwNTYwODA4NVoifSwiaXgiOnsidWlkIjoiWlBWQk5lN3hUcGRZYU1SR3hIVDJFQUFBJjQ2OCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjMwLjMxNTk1NTA1NloifSwieWllbGRtbyI6eyJ1aWQiOiIzUmM3c3Fxbm43cXhGNFdNQWZSQiIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjMzLjAyNTYzMjY5NloifSwib25ldGFnIjp7InVpZCI6ImplV3pIMjJscTRRZ3BDaXNsTEp3NDJSM2k2LUcxWXh2R19IeGtkUk9SLXMiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjozMDoxNy42ODg2NDAwOVoifSwia2FyZ28iOnsidWlkIjoiODZkYmJhMTktMjU0MS01ZjVjLWUxNTUtYTJkYTUxMWM4YjM5IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MzEuMTExNzI5MThaIn0sInNtaWxld2FudGVkIjp7InVpZCI6ImRlODI2ZTMxN2Y3MGEwYjNkZmU0ODlhYTNhZWFiODMwIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MzYuNDE2MzkyMzQzWiJ9LCJncmlkIjp7InVpZCI6IjU0ZDEwMTk3LWNiNDYtNDEzYS05MWY5LThlNmVhOGQ5ZGU5MCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjIxLjI1MTkzNTY1M1oifSwibWVkaWFuZXQiOnsidWlkIjoiMzM2Nzk2MjEzNjYzNDkzNDAwMFYxMCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjM2LjI3OTM5NzQzN1oifSwiMzNhY3Jvc3MiOnsidWlkIjoiMjEyMTY2OTk0ODc4Nzc5IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MjcuNDE5OTAwOTU1WiJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJBNkFENUEzQi02N0ZGLTRENDMtQUYyNC1EMjk4RkI3RkM4RjgiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjozMDoyNi43MjUxNDE2OTRaIn0sInJ1Ymljb24iOnsidWlkIjoiTE00OUtTQ1gtQi1CMU5BIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MTYuNTkzOTgwNzE4WiJ9LCJ5YWhvb0FkdmVydGlzaW5nIjp7InVpZCI6InktVExIcmp0OUUydUhyR055Sm5yekJIWFA5VzhiYUw5UHh-QSIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDAyOjMwOjE5LjE4MzQwNDM5NFoifSwidGFwcHgiOnsidWlkIjoiYzJkYWY5ZTctNDdlNi00OWI5LWI3OTUtZTUzMjRiMDc5YWQxZjFhIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MjkuMzkzMTg0NTQ4WiJ9LCJvcGVueCI6eyJ1aWQiOiJiZmRiY2Q4Yi0xM2YyLTA2Y2MtMzNkNy1hMmRiMjE2Y2JmNjYiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwMjozMDozMy4xNDA0MTk5MTdaIn0sInNtYWF0byI6eyJ1aWQiOiI4Y2NiODBmYzc1IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDI6MzA6MTMuODEyMTAyNDNaIn19fQ==
.rubiconproject.com/ Name: audit
Value: 1|4zBEyFPvNhXYSi0vwHtDOXPRNbF5kSLFueFtQsPMP0x+xL8LlrcUaEAw3LDUh6x65+3wymjK1tryUhTWCqUS/Pv31DA4fHDqMp0HTDw5gZ7V/IjBlWfcnfG686Gv+/dsLynOw4sZBJLq2vOKhaMvL87oinGC8Ts/YPDxny9O7hNPVHjylZIeXA8g3IVFsQqk
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2dq2:18wk~2dq2:1969~2dq2:18z9~2dq2:194o~2dq2:175w~2dq2:1929~2dq2:190u~2dq2:1991~2dq2:18za~2dq2:191q~2dq2:19cg~2dq2:19cl~2dq2"
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiNjQwMTEzMTE3NzAwOTMwMTQyIiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDQ6MzA6MzYuOTIzODI1MzM2KzAyOjAwIn0sIml4Ijp7InVpZCI6IlpQVkJOZTd4VHBkWWFNUkd4SFQyRUFBQVx1MDAyNjQ2OCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDA0OjMwOjM3LjE0MjUzNDYwNyswMjowMCJ9LCJwdWJtYXRpYyI6eyJ1aWQiOiJBNkFENUEzQi02N0ZGLTRENDMtQUYyNC1EMjk4RkI3RkM4RjgiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwNDozMDozNS43NDA0Njc4NzQrMDI6MDAifSwicnViaWNvbiI6eyJ1aWQiOiJMTTQ5S1NDWC1CLUIxTkEiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwNDozMDozMi42NjUyMTc5NSswMjowMCJ9LCJzbWFydHlhZHMiOnsidWlkIjoiMWQ0ODVhNjYyMjQwMWM3YTFjYTUxOTEwOTg1MmU4ODQ4MGIyYjY0NjJhMjEwMTM2NjY3YWMwMGI4ZmMxODUwMCIsImV4cGlyZXMiOiIyMDIzLTA5LTE4VDA0OjMwOjM2LjgzOTAzMzYxNyswMjowMCJ9LCJzb3ZybiI6eyJ1aWQiOiJIUXpXWlFaSFRwcmV2QURvUU9lTDExTTEiLCJleHBpcmVzIjoiMjAyMy0wOS0xOFQwNDozMDozNi4xNzE1NTA1NzErMDI6MDAifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiI0MTg3NTQ1Njc3Mjg1MDI0NjA4MjU4IiwiZXhwaXJlcyI6IjIwMjMtMDktMThUMDQ6MzA6MjkuMTYwODAyMTQ4KzAyOjAwIn19LCJiZGF5IjoiMjAyMy0wOS0wNFQwNDozMDoyOS4xNjA4MDAyNDcrMDI6MDAifQ==

182 Console Messages

Source Level URL
Text
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://d3ezl4ajpp2zy8.cloudfront.net/shefindsmedia-lifestyle_tag.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://people.api.boomtrain.com/identify/resolve?data=eyJjb29raWUiOnsiYnNpbiI6IiJ9LCJxdWVyeXN0cmluZyI6e319&site_id=339c4cee6051c3aea99d9d91e3b71ab2
Message:
Failed to load resource: the server responded with a status of 403 (FORBIDDEN)
network error URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001693794608-24SKF765-H653
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001693794608-24SKF765-H653
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001693794608-24SKF765-H653&uid=07f064bb-75b8-42f3-a993-2e9dec53f3bc&gdpr=0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001693794608-24SKF765-H653&adnxs_id=2535980227366638075&gdpr=0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/pbm_match?pbm=A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&id=AU1D-0100-001693794608-24SKF765-H653
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001693794608-24SKF765-H653&google_gid=CAESEF1gNzabfGFrQvDM79DwGW0&google_cver=1&google_ula=450542624,0
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/t_match?tdid=3175ac58-0d9d-47aa-b429-d8f42e050f30&id=AU1D-0100-001693794608-24SKF765-H653
Message:
Failed to load resource: the server responded with a status of 502 ()
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://socialcanvas-api.kargo.com/v2/embed/check
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001693794608-24SKF765-H653&tapad_id=f3a6c746-4028-425d-8997-c0b7dc5b7eac
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/unruly?id=AU1D-0100-001693794608-24SKF765-H653&unruly_id=RX-b3fc7ddc-d062-4187-8251-063475c3f95f-005
Message:
Failed to load resource: the server responded with a status of 502 ()
network error URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001693794608-24SKF765-H653&halo_id=060j9d88fihe9b8df9bkjcbjcaj9djfekefw6k44ousm7g4ko6gzwigwiew6kwomy
Message:
Failed to load resource: the server responded with a status of 502 ()
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=463&friendly=friendly_63882213&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=63882213&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_72510872&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=72510872&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_60653926&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=60653926&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://d3r7h55ola878c.cloudfront.net/btn/1.0.2/btn.js?_=1693794611280
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=463&friendly=friendly_63882213&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=63882213&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_60653926&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=60653926&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_72510872&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=72510872&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://sync.search.spotxchange.com/partner?source=211945
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://di.rlcdn.com/710530.gif
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://csync.loopme.me/?pubid=11556&gdpr=[GDPR]&gdpr_consent=[USER_CONSENT]&redirect=https%3A%2F%2Fcs.minutemedia-prebid.com%2Fcs%3Faid%3D21511%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://aud.pubmatic.com/AdServer/Artemis?uidtype=0&dpid=441&segid=21144,21967,32745
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20A6AD5A3B-67FF-4D43-AF24-D298FB7FC8F8&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.search.spotxchange.com/partner?adv_id=8651&redir=https%3A%2F%2Fs.seedtag.com%2Fcs%2Fcookiesync%2Fspotx%3Fchanneluid%3D%24SPOTX_USER_ID
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.search.spotxchange.com/partner?source=249286
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11480&redirect=https%3A%2F%2Fvisitor.omnitagjs.com%2Fvisitor%2Fsync%3Fuid%3D68c72dd412a8d0f3f6d2276db2509939%26name%3DLOOPME%26visitor%3D%7Bdevice_id%7D%0A&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://events.release.narrativ.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://embed.reddit.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pandg.tapad.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://events.release.narrativ.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://embed.reddit.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://gum.criteo.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://s.amazon-adsystem.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pandg.tapad.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://ads.pubmatic.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eb2.3lift.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://eus.rubiconproject.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://pre.ads.justpremium.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cs.seedtag.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://acdn.adnxs.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://js-sec.indexww.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://cdn.undertone.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://onetag-sys.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://pmp.mxptint.net/sn.ashx?ak=1
Message:
Failed to load resource: net::ERR_CONNECTION_RESET
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc3OTM0OTIvdC8y/kv/ID1=07f064bb-75b8-42f3-a993-2e9dec53f3bc
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
security error URL: https://assets.a-mo.net/js/cframe.js
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://prebid.a-mo.net') does not match the recipient window's origin ('https://www.shefinds.com').
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id5-sync.com/k/155.gif?puid=AACX7E7J6oIAACoiJc0fIg&id5AccountNum=155&numCascadesAllowed=9
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MzkzL3QvMg/kv/puid=HQzWZQZHTprevADoQOeL11M1
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Message:
Mixed Content: The page at 'https://onetag-sys.com/usync/?pubId=5adb88524e24e50' was loaded over HTTPS, but requested an insecure element 'http://sync.adkernel.com/user-sync?zone=175005&r=7cVRFx7lUfvXyfTlQSxz6HEgtUtA2vyZs_PjhJLF58M'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://sync.adkernel.com/user-sync?zone=175005&r=7cVRFx7lUfvXyfTlQSxz6HEgtUtA2vyZs_PjhJLF58M
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11575&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fxi%3D122%26us_privacy%3D%26xu%3D%7Bviewer_token%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Refused to execute script from 'https://track2.securedvisit.com/sync/1540_03681?id=HQzWZQZHTprevADoQOeL11M1' because its MIME type ('image/gif') is not executable.
network error URL: https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript error URL: https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3' from origin 'https://www.shefinds.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=192126&u=https%3A%2F%2Fwww.shefinds.com%2Fcollections%2Fwalmart-packaging-change%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security warning URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Message:
Mixed Content: The page at 'https://onetag-sys.com/usync/?pubId=5adb88524e24e50' was loaded over HTTPS, but requested an insecure element 'http://sync.adkernel.com/user-sync?zone=175005&r=CPTvTwCo9h9Plzp2GvVC8JVyw6xNPfBKCzrrJG-olew'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=null
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.adkernel.com/user-sync?zone=175005&r=CPTvTwCo9h9Plzp2GvVC8JVyw6xNPfBKCzrrJG-olew
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security warning URL: https://onetag-sys.com/usync/?pubId=5adb88524e24e50
Message:
Mixed Content: The page at 'https://onetag-sys.com/usync/?pubId=5adb88524e24e50' was loaded over HTTPS, but requested an insecure element 'http://sync.adkernel.com/user-sync?zone=175005&r=lkXXa0jrR-3IHdq6ngC-VKEMKRugGkxAgJouABfy5TA'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11002&redirect=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D6126%26xuid%3D%7Bdevice_id%7D%26dongle%3D9e4f%26gdpr=0%26gdpr_consent=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sync.adkernel.com/user-sync?zone=175005&r=lkXXa0jrR-3IHdq6ngC-VKEMKRugGkxAgJouABfy5TA
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11227&gdpr=&gdpr_consent=&redirect=https%3A%2F%2Fssp.api.tappx.com%2Fcs%2Fusync%3Fidmn%3D109%26type%3Diframe%26id%3D%7Bdevice_id%7D%26auxuid%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11362&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11571%26id%3D%7Bdevice_id%7D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F2%2F4.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=F06qlvKX1QCZm45&gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://csync.loopme.me/?redirect=https%3A%2F%2Fid5-sync.com%2Fc%2F987%2F821%2F4%2F2.gif%3Fpuid%3D%7Bdevice_id%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=1---&gdpr=&gdpr_consent=&gpp=&gpp_sid=
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=2535980227366638075&gdpr=0&gdpr_consent=&gdpr=0
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://tagan.adlightning.com/sheknows/op.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=463&friendly=friendly_63882213&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=63882213&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_60653926&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=60653926&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
network error URL: https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?obhb=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fprebid%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64DSMVRGSZBNONSXE5TFOIXHE5LCNFRW63TQOJXWUZLDOQXGG33NF5ZWK5DVNFSD6YTJMRSGK4R5N52XIYTSMFUW4JTHMRYHEPJGM5SHA4S7MNXW443FNZ2D2JTVONPXA4TJOZQWG6J5EZTXA4B5EZTXA4C7ONUWIPJGMFRWG33VNZ2D2JTGHVUSM5LJMQ6XIQTRNBDUYX2TIVTWIRJWKRFFC4CYKVWQ&p=appnexus&uid=$UID&obUid=N8VvswCECi5GBYs1i1QLp6VA70F2ni4BI-Kgt71XiqHUt9A_TGBmO2bnQGdfmx4a&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=s2s
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://ads.bidstreamserver.com/servlet/view/banner/javascript/zone?zid=462&friendly=friendly_72510872&pid=1&refresh=60&refresh_limit=1&rmpid=true&random=72510872&encode=1&origin=https%3A%2F%2Fwww.shefinds.com&referrer=https://www.shefinds.com/collections/walmart-packaging-change/
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
20db39cb6b941dfb1821dcd1cd061854.safeframe.googlesyndication.com
2764921fbb442ed2ee8be03cdb4b7c51.safeframe.googlesyndication.com
33across-match.dotomi.com
3d2fb0bd-52fc-4b75-aaf5-2d436c172540.prmutv.co
5c6f324fe02b48e91c788ce69d0dbd42.safeframe.googlesyndication.com
a.ad.gt
a.clickcertain.com
a.sportradarserving.com
a.tribalfusion.com
a.usbrowserspeed.com
a.vidoomy.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax-us-east.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ads.avct.cloud
ads.betweendigital.com
ads.bidstreamserver.com
ads.blogherads.com
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.shemedia.com
ads.stickyadstv.com
ads.yieldmo.com
adx.adform.net
adxbid.info
ajax.googleapis.com
amazon-tam-match.dotomi.com
analytics.google.com
aorta.clickagy.com
ap.lijit.com
apex.go.sonobi.com
api-2-0.spot.im
api.btloader.com
api.intentiq.com
api.permutive.com
api.rlcdn.com
api.viglink.com
as-sec.casalemedia.com
as.ck-ie.com
assets.a-mo.net
async01.admantx.com
ats.rlcdn.com
aud.pubmatic.com
b1sync.zemanta.com
bc.marfeelcache.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
branding.revenuestripe.com
btloader.com
btlr.sharethrough.com
bttrack.com
c.aaxads.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
cache.sellwild.com
casale-match.dotomi.com
cat.va.us.criteo.com
cdn-gateflipp.flippback.com
cdn-ima.33across.com
cdn.adnxs.com
cdn.adsafeprotected.com
cdn.boomtrain.com
cdn.deepintent.com
cdn.hadronid.net
cdn.id5-sync.com
cdn.indexww.com
cdn.jwplayer.com
cdn.keywee.co
cdn.parsely.com
cdn.permutive.com
cdn.prod.uidapi.com
cdn.rhombusads.com
cdn.stickyadstv.com
cdn.undertone.com
cdn.viglink.com
cdnjs.cloudflare.com
ce.lijit.com
ced-ns.sascdn.com
cloud.typenetwork.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cm.gammaplatform.com
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
collector.sheknows.com
comparisons.sovrn.com
connect-metrics-collector.s-onetag.com
connect.facebook.net
contextual.media.net
core.iprom.net
crb.kargo.com
crcdn01.adnxs-simple.com
creativecdn.com
cs-server-s2s.yellowblue.io
cs-tam.minutemedia-prebid.com
cs.admanmedia.com
cs.media.net
cs.minutemedia-prebid.com
cs.mobfox.com
cs.seedtag.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smartadserver.com
csync.smilewanted.com
cw.addthis.com
d.adroll.com
d.turn.com
d15kdpgjg3unno.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d31otfhas71ais.cloudfront.net
d3ezl4ajpp2zy8.cloudfront.net
d3r7h55ola878c.cloudfront.net
data-beacons.s-onetag.com
dd2df89f67b9745ba70681123dbca825.safeframe.googlesyndication.com
de.tynt.com
de9a11s35xj3d.cloudfront.net
di.rlcdn.com
direct-events-collector.spot.im
direct.adsrvr.org
dis.criteo.com
dis.eu.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dyv1bugovvq1g.cloudfront.net
e.serverbid.com
eb2.3lift.com
embed.reddit.com
eu-u.openx.net
eus.rubiconproject.com
event.clientgear.com
event.hgrtb.com
events-ssc.33across.com
events.release.narrativ.com
fastlane.rubiconproject.com
fastly-cloud.typenetwork.com
feed.pghub.io
fls-na.amazon-adsystem.com
fo-ssp-usa02.omnitagjs.com
fo-static-usa02.omnitagjs.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geo.privacymanager.io
get.s-onetag.com
ghb.adtelligent.com
ghb.spotim.market
ghent-gce-sc.bidswitch.net
go1.aniview.com
gocm.c.appier.net
gsm-adverts.betstream.betgenius.com
gum.criteo.com
gw.geoedge.be
hash.qualia.id
hb-api.omnitagjs.com
hb.undertone.com
hbopenbid.pubmatic.com
hbx.media.net
hde.tynt.com
htlb.casalemedia.com
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
id5-sync.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images-prod.powerinboxedge.com
imasdk.googleapis.com
intljs.rmtag.com
inv-nets.admixer.net
io.narrative.io
ipac.ctnsnet.com
jadserve.postrelease.com
js-sec.indexww.com
krk.kargo.com
launcher.spot.im
lb.eu-1-id5-sync.com
lexicon.33across.com
lightboxapi.azurewebsites.net
live.rezync.com
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.justpremium.com
match.prod.bidr.io
match.sharethrough.com
matching.ivitrack.com
matching.truffle.bid
maxcdn.bootstrapcdn.com
mug.criteo.com
mweb.ck.inmobi.com
native.sharethrough.com
nep.advangelists.com
nym1-ib.adnxs.com
odr.mookie1.com
onetag-geo.s-onetag.com
onetag-sys.com
onsite.boomtrain.net
openx-ums.acuityplatform.com
openx.adhaven.com
openx2-match.dotomi.com
ow.pubmatic.com
oxp.mxptint.net
p.ad.gt
p.flipp.com
p.medocdn.com
p.nodserving.com
p.rfihub.com
p.safeservingcdn.com
p.vidoomy.com
p4dt2-980w2.ads.tremorhub.com
pagead2.googlesyndication.com
pandg.tapad.com
pbjs.e-planning.net
people.api.boomtrain.com
pghub.io
pippio.com
pix.spot.im
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.keywee.co
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player-files.remixd.com
player.adtelligent.com
player.aniview.com
player.spotim.market
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
pre.ads.justpremium.com
prebid-eu.creativecdn.com
prebid-match.dotomi.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.deepintent.com
prg.smartadserver.com
proc.ad.cpe.dotomi.com
ps.eyeota.net
pubads.g.doubleclick.net
pubcast-files.remixd.com
publisher-assets.spot.im
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
pxl.iqm.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb-use.mfadsrvr.com
rtb.adentifi.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
rumcdn.geoedge.be
s-jsonp.moatads.com
s.ad.smaato.net
s.amazon-adsystem.com
s.c.appier.net
s.company-target.com
s.ntv.io
s.seedtag.com
s.spotim.market
s.tribalfusion.com
s0.2mdn.net
s2s.aniview.com
sasinator.realestate.com.au
sb.scorecardresearch.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
server.cpmstar.com
sheknows-tagan.adlightning.com
sid.storygize.net
signal-beacon.s-onetag.com
signal-metrics-collector-beta.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
socialcanvas-api.kargo.com
socialcanvas-cdn.kargo.com
sonata-notifications.taptapnetworks.com
spot-im-d.openx.net
sqs.us-east-1.amazonaws.com
srv-2023-09-04-02.pixel.parsely.com
ssbsync-global.smartadserver.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl-market-east.smrtb.com
ssl.connextra.com
ssp-sync.criteo.com
ssp.api.tappx.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static-cdn.spot.im
static.adsafeprotected.com
static.bam-x.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
stripe.rs-stripe.com
sync-amz.ads.yieldmo.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.adtelligent.com
sync.aniview.com
sync.bfmio.com
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.graph.bluecava.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.quantumdex.io
sync.richaudience.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.spotim.market
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tag.crsspxl.com
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
tags.remixd.com
targeting.unrulymedia.com
tg.socdm.com
thrtle.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
tr.rev-stripe.com
trace.mediago.io
track.adform.net
track1.aniview.com
track2.securedvisit.com
tracking-usa02.omnitagjs.com
trc.taboola.com
triplelift-match.dotomi.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
um4.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-east-sync.bidswitch.net
us-u.openx.net
us.creativecdn.com
us01.z.antigena.com
user-sync.adxpremium.services
usermatch.krxd.net
usersync.getpublica.com
usersync.gumgum.com
usr.undertone.com
vc.hotjar.io
vid.vidoomy.com
visitor-usa02.omnitagjs.com
visitor.omnitagjs.com
vop.sundaysky.com
vpaid.vidoomy.com
w3-reporting.reddit.com
web.hb.ad.cpe.dotomi.com
widget.sellwild.com
wt.rqtrk.eu
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lightboxcdn.com
www.redditstatic.com
www.shefinds.com
x.bidswitch.net
x.videobyte.com
z-na.amazon-adsystem.com
z.moatads.com
ads.stickyadstv.com
as-sec.casalemedia.com
csi.gstatic.com
csync.loopme.me
d3ezl4ajpp2zy8.cloudfront.net
embed.reddit.com
ib.adnxs.com
match.bnmla.com
pagead2.googlesyndication.com
pmp.mxptint.net
prebid-server.rubiconproject.com
s0.2mdn.net
securepubads.g.doubleclick.net
ssl-market-east.smrtb.com
sync.adotmob.com
sync.colossusssp.com
sync.search.spotxchange.com
www.redditstatic.com
104.126.112.185
104.127.91.228
104.18.111.252
104.19.150.54
104.22.69.131
104.36.115.111
104.91.102.49
104.91.111.199
104.91.114.229
107.178.254.65
108.138.106.17
108.138.106.49
108.138.107.138
108.138.128.110
108.138.128.124
108.138.128.49
108.138.128.63
108.138.128.71
108.139.29.50
108.139.29.52
108.139.47.108
124.146.215.44
13.225.214.11
13.225.214.20
13.225.214.49
13.225.214.79
13.225.214.84
13.225.214.90
13.225.214.91
13.225.63.122
13.225.63.59
13.225.66.47
13.226.34.120
13.226.34.8
13.35.93.19
13.35.93.23
13.35.93.5
13.35.93.71
13.35.93.81
130.211.16.136
130.211.23.194
130.211.9.179
131.153.172.93
141.226.224.48
141.95.33.111
142.250.176.198
142.251.40.194
143.244.208.184
147.75.198.144
15.197.193.217
15.235.42.103
151.101.1.108
151.101.130.207
151.101.130.217
151.101.130.49
151.101.193.140
151.101.193.91
151.101.65.140
151.101.65.91
156.146.36.23
159.89.246.130
162.19.138.83
162.248.18.10
162.248.18.34
162.248.18.37
162.55.120.196
167.172.234.98
168.119.146.39
169.197.150.7
172.105.221.240
172.105.221.29
172.64.148.101
172.64.149.180
172.64.152.89
172.98.26.246
173.231.178.117
174.137.133.32
178.250.1.9
18.164.101.60
18.164.116.24
18.164.116.98
18.164.124.103
18.164.129.159
18.164.131.120
18.164.96.54
18.164.96.59
18.164.96.81
18.164.96.90
18.173.219.123
18.208.74.11
18.211.247.225
18.224.133.115
184.29.128.199
184.29.128.213
184.73.5.153
185.106.140.18
185.167.164.49
185.184.10.30
185.184.8.90
188.166.17.21
192.132.33.46
192.40.39.223
195.244.31.11
195.5.165.20
198.148.27.131
199.127.204.147
199.127.204.163
199.232.193.131
199.250.161.129
199.38.167.131
20.225.97.235
20.40.202.0
20.85.134.6
2001:4860:4802:32::181
204.62.13.72
207.198.113.86
209.192.201.180
209.54.178.200
212.36.83.245
212.36.83.246
213.19.162.90
216.200.232.249
216.22.16.8
216.22.16.9
23.1.200.83
23.105.12.170
23.105.14.96
23.197.180.24
23.200.0.30
23.205.56.163
23.206.216.29
23.21.152.207
23.227.139.243
23.23.164.24
23.46.189.107
23.46.189.209
2600:1400:9000::687e:7748
2600:1400:9000::687e:7751
2600:1400:9000::687e:7752
2600:141b:f000:b9d::2c79
2600:1901:0:8344::
2600:1f13:800:7781:1bdf:bb4:db51:110d
2600:1f16:e61:3f01:46b:43f6:5ec6:edd4
2600:1f18:4e9:5a07:a115:6438:daed:9613
2600:1f18:612b:4232:a50d:a252:f0a2:d6f2
2600:1f18:61c0:2205:2eec:2094:b091:c76b
2600:1f18:765:4800:7681:18d0:4c60:ba77
2600:1f18:ed:550a:4bc9:ac6a:bf5b:3f86
2600:9000:210b:9c00:10:43f:4352:ad61
2600:9000:210b:d000:1b:9b08:7f00:93a1
2600:9000:21da:ae00:6:1e88:a100:21
2600:9000:21dd:ac00:6:44e3:f8c0:93a1
2600:9000:21dd:bc00:8:48e:53c0:93a1
2600:9000:2209:5800:e:ec66:e40:93a1
2600:9000:2209:b200:1b:5138:8a40:93a1
2600:9000:2209:c00:5:82fd:2500:21
2600:9000:2209:d400:11:b309:9100:21
2600:9000:2209:dc00:1:a3fa:7cc0:93a1
2600:9000:24f1:200:17:b93b:fa40:21
2600:9000:2511:3c00:a:e047:753:6381
2600:9000:2511:6a00:1f:2473:9080:93a1
2600:9000:2511:7400:4:b37b:9440:93a1
2600:9000:2514:2800:17:c484:6380:93a1
2600:9000:26fa:4800:13:6a46:aa00:93a1
2602:803:c002:200::113
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:4700:10::6816:2560
2606:4700:10::6816:3456
2606:4700:10::6816:36e8
2606:4700:10::6816:445
2606:4700:10::6816:4f8f
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:20::681a:346
2606:4700:20::681a:68b
2606:4700:20::681a:832
2606:4700:3037::ac43:9a47
2606:4700:4400::ac40:97ee
2606:4700::6811:180e
2606:4700::6812:18ad
2606:4700::6812:bcf
2606:4700::6813:9e13
2606:4700::6813:d383
2606:4700:e2::ac40:8a23
2606:ae80:1451:11::2010
2606:ae80:1451:14::1140
2607:f8b0:4004:c09::9d
2607:f8b0:4006:807::2002
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:80f::200e
2607:f8b0:4006:817::2001
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:4006:821::200a
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2620:100:a001::18
2620:100:a001::1d
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:116:800b:21:c1e8:5385:5098:6bf0
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::300
2a04:4e42:600::396
2a06:8640:764::2
2a06:8640:799:0:ec4:7aff:fe6e:a48e
2a06:8640:987::2
3.105.86.85
3.16.120.123
3.209.206.63
3.209.40.124
3.210.210.147
3.212.173.20
3.214.218.211
3.214.33.241
3.220.28.161
3.221.48.93
3.221.79.249
3.225.218.10
3.227.72.71
3.239.232.201
3.80.12.105
3.94.248.42
34.102.147.248
34.102.163.6
34.102.243.38
34.102.253.54
34.107.140.17
34.107.254.252
34.111.113.62
34.117.157.22
34.117.239.71
34.120.155.137
34.133.71.175
34.149.50.64
34.160.19.107
34.194.32.208
34.195.149.193
34.197.192.192
34.199.23.6
34.202.91.172
34.228.108.181
34.229.3.43
34.230.226.68
34.232.140.51
34.237.83.209
34.239.25.47
34.246.44.25
34.96.105.8
34.96.71.22
34.98.64.218
35.172.60.244
35.173.120.247
35.186.154.107
35.186.193.173
35.190.38.143
35.190.60.146
35.190.90.30
35.201.111.96
35.207.24.140
35.208.249.213
35.210.53.219
35.211.178.172
35.211.200.231
35.211.233.246
35.227.252.103
35.241.45.217
35.241.9.51
35.244.159.8
35.244.216.234
35.245.208.4
37.157.5.84
38.98.69.175
40.76.134.238
44.199.144.94
44.212.237.84
44.215.82.85
45.133.44.3
45.133.44.4
47.252.78.131
50.16.31.29
50.19.69.24
50.57.31.206
51.222.39.186
52.1.195.92
52.10.88.47
52.2.71.224
52.201.153.89
52.203.133.62
52.204.63.111
52.205.242.31
52.206.147.220
52.21.15.216
52.223.22.214
52.3.219.49
52.3.79.25
52.4.33.45
52.46.128.147
52.5.87.197
52.71.250.162
52.72.213.198
52.73.128.118
52.73.129.194
52.73.44.187
52.73.67.203
52.85.61.61
52.94.225.95
52.95.122.74
54.146.97.31
54.156.152.169
54.192.161.188
54.203.119.5
54.209.98.22
54.211.152.139
54.230.163.92
54.237.116.249
54.243.179.35
54.81.115.164
54.92.247.49
63.251.114.182
63.251.28.234
64.202.112.191
64.74.236.223
67.202.105.21
67.202.105.33
68.67.160.137
69.166.1.32
69.166.1.67
69.173.151.100
69.173.151.96
69.90.254.78
72.247.66.215
72.251.238.254
74.119.119.139
74.119.119.147
74.119.119.150
75.101.237.145
75.2.13.80
8.18.47.7
8.2.110.113
8.2.110.206
8.28.7.105
8.28.7.81
8.28.7.82
8.28.7.83
8.43.72.97
80.77.87.161
82.145.213.8
96.17.64.29
96.17.65.140
96.46.183.20
99.83.181.31
00b7a057f6a881b07c21b3b72ce7ac9ea4548a485c0c8ec59f5f1cf726cd3c8f
00ec700d0355e8a078e64839f7f818aa8a8a58968579bd29b2837f37e4739b93
016209754f5b92f7cce3c66c0035d8fcf48b11d08881319155a3476824a1582d
01b3e01cbac1c075e37f3e4ae49ae6a5638cd726ea85713c1c231dbd2584cdd6
01c3a025b0c8fb03bc17b1bfb5d0e40ff081556e844abfb19044728a9fa1310a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
01dfcfe991ac2e4dffd53173f4668c3fb3df791900c35c633c06ed1f73f1ce44
01e2fc168672d90e95d8d783474efc1c422d939f910999d2acb8f39a2ebd1f6e
02065a007ed6d7db45f50d1e01c93389f42b03a0827e9c1361e632203ae12578
0299ed9e0a92465371f16e00103bf5f88c539eb5350a112859e8e141d9c7f828
032df67c428810f3b83d34189f338a6a807e0c2133e5f429d4089ff2dba81589
037873e3bde7304011cab230abd95899bc51a3936e70d756bcd8bc8dfa72268d
03917174ce739528bdd43ec35d8c289a999e2dbd98a72fc55a540bea224ea097
041639ca2ca4c1ac138d86d2beeed135b2bc0e0024240c313dfa17cebaf3815c
04bb564d571f199081bad111bc1652e866bb7ae08c6e9c68ee18f770d7dad48a
0511e20f38fca17fc771556cc12868f6a7a875648cd2c031d2c1f8adb6cfddca
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0540e82ba86f827c4fc327b9abefd064c5bf3cf267492a31d1ea1afdcb8966c2
05607c46a0e139efa15b9f19a19b5c497fcf2bf908caab0a36ad2f51203dee5b
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05f76c3018b164df10bfdf650ea9f4dd8f75fd995e51d9112adf54b0947edb0c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06cb254f45f6bbe566d606cb45e0d8e1b6fa09dd2d9683a4e4bb4fda973fb91a
072f3d4c99e8fd5b6f8e19f5ab15d184d8bf01fa673ffdca3371e6019f5767f2
07441c0650539d317a2b7f53c93d1ae9103478b35e9184f1a12a318d9f69361a
075fad8dc99e36afadd5165463e68ef1539acf1f4922ba1318e0018c9f0aa3f1
079e94b7bc05d9eafcdbe460b053e04cc4bad24848ad8e66c2dd9d6f07e16d4f
082716f79dd5be3b8c16af34f54840685842cf86250a8b7fb0096ef04ebca04a
0828ffd7a28dd19d418cbc4101f7ecbfd9fbee640afc279728ce91122ece4ca4
08a2fbf551787398b8b831d56201b2f9595ae2819df8149acd5fe50a592428f0
08f76100e39b8cacb23256ba65f949daa06c5541e7851d6e124f5e50459932d2
0912420957e1349dea4b9d6467adc71c30de0c1f9b2e09d84003b3eae03971f9
09964579dccd832e5b330f30fa4abd2f9592e3dff5ea26a282dea745ba103287
09bc427deaad15ac079441db6e59074f47ddeebec55fb51b33fa2ece3c791495
09e7f808dd13839b3f0c258b8f08036e01a78e1d054d6ab21e38577e089d2a0c
0a9ce9bfeb09e96785ee5e001d63f5182a483e18230dc3731c24c8fffd0f6ced
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0bab4f9df73177123384e953a27e8a9feea1550acb1a07d1b73086b09425eff4
0bc89249d26ca4a4550d113a7fcc7a8da2e00b62ffa88f74a732212ca03c1279
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c890dacbc43030369ee0dfb5b9c530c3e6c583b150e4ef62c5dca45f121bded
0cb7b7044ebd985ade5130a1c784c792a35dffe317a4bc86f5e6c61a53e4974e
0cbdd3671a78c4febdb7524d99510f3b4d3b74c18a5feef64654b17eec6349ec
0d400dbfbf746828edab9cc3a3f82a611a31830b0d7611afd79b0d95ae1cca5f
0d67bb873095207d8db8686121993eb44860e22edb3a161cfad4fd684937bf1a
0d91e8b78f9d50f6dca25fdc4ef9d7cb2a5e0c102ad56ede94e74294de384682
0dbb4c54621ddbe5ae056b06a3aee8b41d8cb9f27d927db1716e6d0f134f0870
0dd1328f4a947ccb9155dff862e0884a7cf2683ef1aebd18252e1f76127e6bdc
0e4bc8f1a2c59e9e8e12e9f32a6812c46570925e9f72770d1475d8a1ee85476b
0e949b4f700d3202d53bf39f0466f8f01c30f31904d8c163cf2b758e1e042fae
0ec27031d965281ee498c59565822e0b8e0210d6420f7d34aa23a259bf7074a6
0f6b81aaf4a3e4991f704dffbf1faa5337224d331da7a9b0775042b9a0c8236c
0f8195fabbf2fdf81927e06f29d3baeba287a15306a82bb32bc7f6b0613f93ed
0fe54e4560d2a024a59fdaefd81d8037df63b48df306b5849e1cdd9ec9a153c7
0ff4fe886c21f09a3ba144b93e3eb818a5152eaac69c25fce50a31677078c533
108d7513aeceecc3b62fda5e963e167eaeb74295c5fb5737847ac454182f171e
110028de56fdb2f02d4c57a108b4db9fa425fe9226d828a4b31920710181771a
1109a5cc1fba328fd1771f747f8016d6259f5ab27647f3ae72f7226d1066f412
1195b77715ffa07bf58367c1d9eb241a80fa7f99a68cd0a330c79b79e2713521
129d722c999ae17ce2de396f8870bed3441ab39a6590d8fed63b44605191362b
12efa38df3194ed3adbe3d83d1c1fbbffb850981748e3947e9fc60427e208cca
13045aee93395f15d148677aa46a5edfdd62f85faf7162eec98245cb0b8420a5
133a81284db3e6eb325fcd359830833f3915b5198062f1a92a71aa425b134299
134be6b350d40788ea5912f30edb979a3faf07a74a5e2bfb2e30a831c20e25ed
14aa1f337a19fe92f13d8365a64133522e4f8319f43cb1fb005e391890bdd2df
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15956c0a2d4731c70792f145ac91f4e53c8012f06f67ab0bfce1cc1cbd842f6f
15976722fd89607a5705198e142d0e2c462cf064536d1ba88e285421c7e25fc6
15a9f49cc3a39df9a27bdaa93d86169a965bb6fb33657ead545c60213e72805a
16c3294babd3ff9ae1c59d74abe0f9fa4ce7a36d47518db6de77ba0a54abe4e7
1700ce319dc58349b643a2770c80959c7156160ecb9b1bcd9f2cf837769d50bf
172e82fb9c69d0838aff5ecc6ccf73b4dd42372045993942b56a6e2885144377
1786068f0e4c45a2988c1b469255597cf1efa9f7a11ec63f1e528dd28c46d7eb
1787a5dfdba5a51fbef09d57aaadebb83af016d1b4f087236fa1ce27c06a99c5
17e0dfb575ceb9422c72032abab3a7e41a3818ea79e180d25a0bc8b8451e906c
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1950ff45707e284807d891b6f8fcfd051a528c351a55ae95e95964f11bf7101f
197c9a0e9a0776081b41c94b3124344e0cd5d6f899fcd85d502f95fa398d5aaa
1a7a067b1d1fc9f4e62759d87c995349dc25c15a7041b6cee98616b511531a2a
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1b0c18659c885963e4f6615a60e438ff27a296aa3134156ffe782d44d38d2253
1c46829c0fdbb5a474b233d1b95b4058205430a12b8b5479ec947ce0aa42f3dd
1c54f0f71a8acc4dd4ff46214771f0157b670d0599d91244c811ff7c00eb69a8
1d34355cb77a057ffcb32098256aef0ade7e1aa7812b9edeadac7dc7f2075e24
1d44a787447f80b8126054428bbbb849a8197c6b38815ceb5c6ff3c354434dd5
1d4a78769df11981630c482bfe090ec752e4a7401e15e79abd8d351f6e034903
1d927eb6fcdbffe640433fc7d704599dfc1162ca533ce53cf64d7422ae1bfd01
1e5ada85311794e56eaaa31718cef387f575ecc1cbb855ea721fef82b4624a65
1e9566328ed695496ddcfab7d78dffb01b62ec2e7fe0b2f09d95e8301ce698a1
1f658783eb2418be92d28aad3d0b0d60804efcb178d55de33920b6121aa2b492
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
21393e8ca2d171ff1272eaf52f394591f4682d155cce5174339d9b182528e6ae
21b0bf9ae9da4ec7ca4128ccba5981e459c10b9482bf67c8c953dea855968576
21bc65f86e0cd8dfbe47d505c85430a1356b7285e09f10a5fe1eff893dd27314
21de32a31b934126535d48ccc684d18827d937d7e08d68cb68149a894b914d62
22029b0c2d59fb711dda73be5381c426b3fbbd26405751e5749958ed5b381868
225a5216b8cb1515c5e2c41d82ae98e596e9589bac7d044808d6c75fa74a4087
2275ad747d3db7a8bac16b1d6dddfe8d97de3e8c047e46f032b9486b3274298b
22798a3b8634170635f6cdaf547679b85ada677ff4f1aca1aca8bb1d0ff780c2
22ee92569b468e5a3e5ef96096d34c4d0ac88de34cb2472441e0a463971def2d
2394d12e4577671d6d8a98826b3712c6c321b2d3fdc67d335ee329415631cebb
23d42c85b8de044716deef4fd88de6ab9edff8e0a198bc956a290b1bdae32204
23f5b66f3317536959df19e1c60ef98527b740332b8bc5a9307810c92d77e3dc
23fb0abe43c67d9772bf094f05c268d7ff0a9eda86f7b090c9256535a281d500
240531c37653cafc7f1e75b78474a24cc136fa122403ce8e473d6493cf93a9b9
243fb9953e49b6005f6ae1772f507bb789a8893960a495850afe43fe34030311
249f04cf76057709c4f1cb55979d9e2e3dfd9b72374b51207570b00fdfd7a18d
25357bdf1adac1b4a2e7a2652907ad2adaa4d778d268ea75de47c9990e5bae4d
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a
2587c21e92433883573fb9a7d23f3219f7263fb61cc36e0cedc4dec4a3841b6b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25ec2344cd759c7af3b8e00c5d527ee2163832e437a7ccf669a5850315868301
2600eeca7f9eaeca88f4de816464513c930dfb4e13f66a4da43c7e92edbee06d
264ddadc2de6c3803a3989b31228cf6a62287463552e10036dc0e2b40b8b48ea
26f7f04f30866228103b1f6f134835b0221023687007b7500cc4d05f2e8e5e44
26fead6d02f439d69fe920268e7ece8f64a2be8d2b3fb63b918ed113ff45f53f
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
282d77dabaab53a46c1e5be6eab3355ba1a64a6c6a8bbb458022b5ad99e8214d
28bd1da86f79cbcc050bfecf618ef048f0c48c45745dd7921b08cc8bd83423c1
291093e0a6fb10eed36fa3d930b918718d48f48aa7d94127a0804bf3982069e7
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
2932ddd53af18c70582106a88d2b198a867c4e61aeef769660429dfd18dcb3ec
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab012f16ec92d2a2ea53fd1149ccac6ad7f9829fa2ccae5badf9dc3ebe0e147
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2b0fb0a6b3e353c69158d61221c2200e4199d0d60dd0b9d99702a22eaa917a78
2c1640e3e54c335f18e92d56af8ea22052c5d3317670807c87bfd584fdff9808
2c508cb6bb798eaecdb0b4c54f1042cacc758d050206391fb0d92875bfefa520
2cf0d25b49d43a05764546f3ec2e55ded524944996ee9e204d259778ef72780c
2d5c0a6e1d981f5b51024544d54014cb57bf0b240ecae7f5a4eb6e0c2115c26b
2d85b97c203ab5342beba38df4178b3f694b9546f6162de1e69d31fd53dadfe8
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2dc5059b2f1e55a338bc7085341ae5511b80c51847ff92244a2782a7c5b7417c
2df75dd5414f39139ce6f757636066e98d685654dbb93bf2c0f93f37092f1abd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e7df51881edd22359b6e09b60d052c2216ce4e44b62889b49eff28f84004176
2edf70b06f99f805f0d2dfff495e0993e8203dc07648bc8884fb4ffa63e36c80
2ee46859435664a3d7dc374970512bf46030795f7d434a2b1d94637255485041
2f52c83d011c40ab1b778bd0f6149e2065c85248d97c472dbeea3bdeb18d77d4
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fb591dccde8db3af12e07ec58f971e49882e9e266d05ad4afa56eed1e50b522
2fed134db34f57e7b114bbcca30e47dbfb5b6abb959b27d838a6dd0fb554d2df
30811f9af1c96e4bb1d57ba56bd1ce1554c36b4ffb0a6f87168bab6a76b10d3a
30b9a326e81453d37ff2248639b64e5531e7623224e8d4ea3476c57c55c347a8
30c065c5189582302f1fc91edd7f8c99956f6f8bd6c4b242081f41ab1c772b08
30c714bf4216e577686d238b98561d093672cb25bf90baab50dd956f75cda4b3
323bd1ce0fde84a9e45c4e429f8da2c4b6022952e231dcfc53c960beace153a1
323e3ae0e8c8ea495ddda1de99eecfd486bf3ed5cf6daf912e2dbe3e64be6e57
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329097747348e36b5c64688dd042920780dfcf8c2b3557c9a64f43bfdbeea611
33844370dbc61ca2d240cd88ca79325ad746b733cdb487bcd8bce7cf5f44d843
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
33919f57d472baddb3985ea21ce1bd9ae67245b32e079873d29e13c8a5792a4f
3428dd086f6858edd281c51b588efd570c709d81a72bc773dcb3f4ad996428bc
343a6c2bc4231fcde5a83ef906379d2317391d648ac2c9cfe441bc8bfc7c9bed
343bb230819cb92e0ecacf1196f49eb120912089d2d1693ea62f1ced40b8f6ad
34781a83f4c9966ba06d7bb47e5fc57fe8e7dc68767171a4b509e0a5e7864669
34ceb939e30bae974a8c913e7327acc9c1bd89fca9a920a6e6b425cb52677cf1
34f576d717c7ac941eccc817ebc0145ce8b8dc8ffc2dd8bb7bdf06a550b9c205
356cd2d38950e1ebccc072c6107d3ac69e97c79e26da6ee7f7ccaf4db6cf6d00
35814d2479806ebf3af0fc0cbf6fcfa23f4e9b91e1b8f1237ebbed38dc01bffd
362afdb7f49f842619ac1de7bb636ea64897c88c304fa81931b6f40e4b963494
36aacc92c6c3107a492060a7df513f91a246e0ddde96275ed9703cdeaeedc78e
374018aee649958e1ae4a55f5c4c7adad1d84334c8d4ea6805f10f152734de1e
38390471daa6d0a426c3374ccfe35d9a4d854bc2e90081f888e6b24c77287e3c
388343c1d0006e06a77eedf5e2d6d9be56f331e6d990bc6ded21dd860f664caf
3885bbf73299c785780e33c59fba6cce695374dfa2db19466649c00cb227108c
394060c982063d0e9aeacaf816b921fab867f9cb82dc96032b3be845e46de971
3aa2c009711c2e611ac48a34fc42b5b5019d3237c2406edde73d219f19b9c445
3aa3256462b40af19c58827e24c72b610f3cd96c5cce93c8b9f59f856b59ac00
3afa29609b287f240f3f088c61fca96d33d832fafac704937026907d364fa42b
3afee20f39f9b1207bfdb619b4804bc142622c0a6d62f739ca45fe18530b7d5b
3b1708709624646711c38e000ad6e90b19b48e25893bfab9978589c0259bba0a
3b73779118c814aa81cb4b8d372989e0fd7860201220cfcb57b382cdada54796
3bc3e6ebabb53cd8314564de6fbfca375f5d5a5662f88453cd2e750f2769c5d3
3bea12ce8edd3de9813276b4ff5e763696406d71375740bb89289d345533529c
3bfc733aad4edd0f1eab235dac99bf8d8b4edb54465d830ae8f94b0b4c0e6569
3c0b6f2a8b04ec43199cb3003d61eb19ba78f473d7732870c1a3b9eacd3172d4
3c645a4b8aa2cc8552d0511ebb73dc04bcd4551f3b4cb71dae868f22649b6ddd
3c7b9c3a1cda5503ddae090590a36523802c86e8b957fe19cb5a8b8853efa04f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d8a017b708b0deed4f494d65928c2264b3b36d20bdcaf3aaaf3e044821acb12
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f4a9ba19fca7220cee54078ac4c35e1038940349a777e18e2c05472e7d1ac90
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40f911eaafaeb111aaf9d0b79bc9838d680518be3484482af455b7f4c6767804
41525e9401a730caaaf5e5306b0763a83cb592411779926bd6e78c0db3fb362e
41c7881f4a35791a1d749dd105e5ffcd17ae431632de8ab46eb4a5e3f041a668
41cf1325b79b2b6dc60fddd59b10ca2b86e47a20941bb2680371378f52fdc000
421207145eafb5ddfa1dbc505dcbe944031033aee9695b456c69a09fa0406f62
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
426bab038b23ef01d7590704fd72732c2b20bcd77af33152b27fe5ac16924e9a
4287cfca65aa6b410fe8adbd926fd13ab7daf4d58eb241229f020848f562e291
42d3eb7d373afb36dd72a7e4aefba98de82fc8706fccc34f42810c2c0760ea2b
42d980a4e92a8ff9b848b3b59f84f987b13379b4d8f3f6a5ad50c178adb0846a
42deb08bab85c97794179ea4f59d9c9e4fb0eb84d552c1e0a23a8d219f301bf2
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43b423e7f02994fd4211fc7508b806a8456b1a3fa50767aee2525d109dc7f396
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
441dde5d96e5a37321d12aa21210935637f2203b34bbf6e67cf1646bf7154d91
464f12bd76fffa0a0e156dbd499926d2883c44fff6f430dc8cd264ff133e0631
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a55ca0d9edd7a333c6d0e7ac11bfc3bc884ff67803cd3b9afaedccdc790560
473d8ef5df4eb09820629e5f7fd9d8b0da99636558a99319b026bf13f622a5bc
47a7e50a0ade32c62c1191246890e4e10cebfb1d7a3051a021069d9a14ba1dbc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb6f26503a859eca781be1dc432f87c7ad040d2d5eb45f1e62b3865506eb0f
494dc022010a646dfeb0e632c754a055bed4f7ed72cdfdba195d2c2dbbcb2da2
4a40bf8d64162b18ada1fb2e9c33362f8ac4d3f593bbb72da6ac6457e63cdd8f
4a5803938f7c2b5ee1a9c19a7ad0319084e19c813dc286958cfc32c73f17534a
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4a8cce7bd28f740b0ec159c5c8f5ccfa25cec1350e0791ce5af5f364208952ed
4af01de6edddfe590291aef2b58fa92339021eb6abeea780f251804633969948
4b35afe8c225a88a7ee1abd1d87b06ee65d1c6a7dfcc77e773c682b33b95f77f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba95a958d22f447f9586b7c8b8e7a8e35b3343d415961dc96e4a25cec0acfc5
4bd2bd5daa03576633f75d06388ff085cd188ec182e02c5d90781c7d51c1b883
4c4e1d1d6b881f146a475b3d009cac2e81e5a3ee71f836d62cf32330c0bcad57
4ca18c247df52dd22650bd7f72f71d7c98102243b0ec474f683c6a279ad3a668
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4d5150feaea97c18e9ddd2754ccdee2f8c5419cf8868ffd38d431e85d8148bdf
4dc1b30a52048cc64f0885815a16e9b7929f833a01347a293a7f8a7f9727933b
4dd66bdb712c77555f53d8c3cede3b80508d39f162c6b8cd2528460b379360fb
4e0354746df4d7d2b190f6a56b27f495abf4f256a947fff34fa122151ff5ecd5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e126f5d62d08306cb1b2f1b79e834f075abe3241f86cc1606435ad53c8af1d2
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f95bc39378ffc11b03d19f826dafc6b6edd5de8b7deb22e22a5315d9dfc6d41
50883e14db0b82e15bb8c7506f24c28ccacfdc516d81e26ffbdded823fd5babe
5133617faf32194dd8180886b64c7f1d0fd817be96d0f51a99c063f9e5648971
514212b40976e8115dc226cd11b96b8c9a14d3aed1ba433a34571104f4a361ca
5240f81348f6e42a822cb94a7440d7dbd266ce56c6f6201c50357f43e9fa5a95
52870d345b11fdb513945e16c0adca6e1a9f42883c07c4457c24a62a40540171
538daaf8792da3aa24a00df9530e87b4ddab90da8149879899321da94d949850
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53a85716e04c6b6203575e048098049406fac2593aecad28854d7da0095dea51
53aee69150744d6dafea038662cad29863bd32a32d544eb340f9b0d04b88cc33
53ef1c32483e1b049069e2aededf746295a046b966c77b19084701fee4e7a33d
540b0eb6b350abc04a49900c1657c23ef076c3ebe063c1b4152b74fb639da928
5413e64fb18158d3f2a6789dc0bf0bd1584cb0ef361040f4c56884042dd70398
546c5cf136073615afda5cab173feff341171a26a848cf7ce09bb8bd8b07ce89
547f9ba0a654be6b4075e82a87a6e848be8d0f2624ab13edfb47d23ae5b87bb9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553b8f11f08ede881e6826839b8e99857d0524fd911d1fb82890663ca34a32b6
557c7242da6967c57875ea939198caaa3bc37cfee87a9652ecb57a4152e7654b
5588986dd8073373970c935b707aad8159304299a5d90aca6c0d1e60c3d03910
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b60620a6c365edb54cd69c881cf1b3fcd63af96aa1c713966eebf2bee4089e
55f2515410aa89f0edc8a25a90e7c5725593dfd039d46cf226436ce7482ce994
5608096fc9cedaf1a8f8827c7af2fdd22288946d021d76c627f1e33ea3e9667f
56233df21d5cf20e733370b2ba8360f291783115d4fc4e633ab23dd0ae4af4e4
563c2828b96e60d471d369d0f12dabe89e209931b7f1486dec16ab7a19c87930
5645adacf5b08f2a1be751489e017665af268ec7bfcc5926f2a4bf86a8e2a1ac
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57b0e0a7d54ae34142ca6704ca24fe6dd3907cd9098575866dc6b4a74ee5b3ca
57dfed3ccf81413db99d1a51d03334e8fc746b1abf0d07e909381cab1d720760
57e24c71c465e7aab73fc9ca0de9a6c453ff3fe55fee0de752e5ae97757b4707
57fb1541c9c15b51370d3d8148e9f05c4fa413f9a4c2d407f872f9c576e92ba3
5820de399e2b9495b17ba2f3092f1767d58ef94bff5fa5f8f3c118b26f0fbcb3
5823859b4794eedbd68ac927386d5268e71e49bef098c96a1e095ce8a41fd40e
58a3242ba747b3c126b4a6f6d6881d569d30a9e2e2c5e70b08d2338293c3c313
58aae83b5afe4fe6d6663fbd7db69e536570d689abb4746d597c2aa931ed594f
594df9b064f662213f81df2715fd3f4891d273620adef1140663f5430d30da45
59809587724422a1623f2ea0b361f2c72e2febc92e37faa84dc4b859674e826d
59b2025b481096906f8950a172b11a988116108deea4ad52e0fd36b6ce45a618
59cac9fb410096969d5cdcf51826f452eb58d243a27422cc0f99d6048175a8af
59da6d677a17058b10d405d7af8fe3b938025b84fa251cd1f679c7d07182a7bb
5a891907f96d611ae555dffdd0d7999998a80cae1bf8fcf4abf21eca4c1f2520
5a8c6de7e4afe3d9c8d0703163df5ae98aeefbff45f96d4b95db70beddebfbb8
5a9095118485ec6a4b48ef54210ff6df0107938586037b4a94caf00e953068dc
5ad7728db4bca07592a10b2c8c21c42cf864aaa8ad5ae4b5a01cb34bd6ac06a4
5ae1841d71ce7be640c978cc15523ae16ed897e5273e6b8990cc2bbfb278b739
5b1dcfbd77fdd57a2d9a9f2e5b2e549a832375a35063054c8e0598a23ff8eeff
5bcede6c5d5aecc628e38729f2e1d81cd40d8512f71cdff84a1a0305d8402422
5c428dd2c3d6d9207eda47bc55dc846991c004be03d109546e4e1f449bfa4022
5c93797724bba4ec5b5a3f5663150c84b0a23799efbe78d9e46372e76dc6763f
5c9a4d7378ed6194110c80dc0c2476566051f70a8c2259b7797c7da154d3361e
5d40a2e0403ee1096f5963fd1b1bdef47ef0f3501d68b2ac347b35bec753f615
5d9e8cfd13ab9f3cb184ee716c93c4c007837b001ab17f762269a64b2d8958cc
5e48045f1056adf3a78666f71b02bce75f6f4a4eb46eaa90050bec9e3535024e
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
5efb32c547c884d834a574a463c0dea616f6854c71b67d973d85f7fb99f35a02
5f611571ce3c4e5f8cc5f8338ae26c5f4109e843a851c5dbcdf78713af1da472
5f789ccae156b160492d89a6146b1974d15128790b74abb995d8e89fa44cde5e
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61614c7f8f5a9e5ef4d7d50f066d7dfcd016e998908a38c88123a353ab5d3254
617b56ef335b0df162839e835c45e260ee2b129984b49f4198e3826d59ff0075
618e8b43aaa87a38ec6a53ffc40dc1b6758f6ff56dec2091e268ff5428f4ee03
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cfed754c3b86c633e0e69daef2962f40f426d4fe8bda08164fd7ab608f0e0b
61d2347d34e408afb8e843ad9b457fc586e17a278cf4d15db752ecae5bf6aae9
61d524703c0479204aea0065c6acdf38b512ef639081bf39e2695cff12834b1e
6272c92a7b737f583b957b66da0613f8d5a32b9a11c8e267f66b0d668b9174df
62a4ce81c1f10e360cfb81951999cdeda7bd12ae413c7c2b087014507c8b14d4
62cad5993e48a34ea31faa5e445210469b38748e69b4f49ec166057096ee117a
62f101f773aa6a4ef717deb3ac81476044dfb0587e4a3b17edb1d9e4b2204622
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
635f787cc3f70572ea6f5dea895b8972fc66e2110243a090b7156e7d38557f68
6381db42814c1a98bdff9a6fe5b82c003034bc2e8765c6fd645c1dd855054f08
641bd00a99da7ed50fbaec026ed097d7bb52197281974e6ab0904dc1af8ef3d4
64348713a5cbbbb38447fa1ad62017595c6f63af8e23921ab5d60d51fd776fd2
6435522b12db8477c3d43f483b51389315e5cb5144f53753f7116b462ec5947d
64f0a7fccc0ceb14ee0994228dc339addfc8dfd423b601b21a3ad44b17e9703d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
677bab83edbaf28095393d59cebb7929d4d06499ca6ece8081a430f0fd2efa9d
684233ca05f06cda59125350de0fbbe97fbbb83b8b20e650dfc9001847717356
684424448c58a7a69e197dc748ad487f986953ceede07147741ac37c145138ee
687123631d0c3e513b72f575a5169913feb29a321af6b72c624441a69315ad7d
691a79128c4ecdfbceaed1e676d4523893fbff6fbf061bdaf7194539ca5c34fc
696b7b641d993b2664d20d1fc0a7d81e1dfe55db60535b8b946159e3e7aadb28
69a84159c783a69418259ac545e234d7d38e56e65df2d42a23b90e995a094c0c
6a1e3f882e0c8bb2c148abefdb88ee2887722c8aed661f5d76912e1cebae9f48
6a49dfb07bd4503e29f4e03a2de4dad88fec6dd04ecdca88978a64061f9624eb
6a6745f887caaf797b5b7b5d39209bc3a37cf2bb8fa83ffbc004b05fbecdb260
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b38251cdbb41902ae01428dc0693b4aaffa953caa9fab7ea917b57c6dcf84fc
6b521572a44abc920b5309e2516cd6033c9c551ee864bf3e22e835cce242b736
6b9c4daf85b4238b862e78ce4482e15f0d11c45b7b7e28ce5a4e198bb683e2c7
6c2ded3639d4718652961cb86501042e3d73659f123e26d4c68d2f3626034ca2
6ceca202d09a5ef57f3134fe038d485e08ce70371bffadd01e88a43b880fb29b
6dacad7a02574323e64231bdb477b99dbac3bfafe28be370fb3d2e9fb2650b9c
6dc55607cd6dc08631794234d249d9d7e6797ebceb7972e51769fd835be72500
6dd2245d78aa2555f91cbc235453402019257b6a22b081d864f61ac38f8009f0
6e336d445a11b4020ac2229623b3d0e24626acd327c799e63f51bdceae2fcfdd
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6ebde7060dcf9c2db0f9d8120e37ddcc61a0039b3df9ffda4b40149a3c4b9cb6
6ef62dcc869fc67218694d5b857c4b6c15e859c6739d6e4c00f75816c4e673b7
6efb238c762682b3f757af15adf1e13526d72cd0a4187fc09c3cc4f2d3049b2b
6f7de9d60ffad3e97e8b9dc0ebe9dd8cad72ee753f1a689f6ee092885a881f1f
6ff48ac45651e8cb9222811c0872701141a78d636ac93092505dcf8d9401d5c7
70db79f468b25dee4cae190c6cdac0ae7b9de52d81f4c465f06fbb5a6ea059fc
7120c41f08e796d34323ec58630362b95b99941a3bfb497b3b667cdf4a117deb
719bf23cac0305ab837ad8d99a3d5c38fc29fe180b62382087ce7c359bde646c
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
72d8b5c4f1207dc6ad940b3c3efbd2bf6ccbde34af6487c6e5c6fe4a2100176a
73b44da9470d0bd09c8e4016ece582716e361bd6962943610db8a3436eb864f8
740ca606e9ec2d10fbb5949c135c4c57a347ea9af63ab26e0abff36b8b77279b
7446608f783007b998f8bcf178c044468516c3c5b178a87c40378218ccefccd4
752e07d99c607e33dc79ed57a664983cdf1ce5719a162d60619eb3ba9f34ee4e
75802e178f06d7d72c46c70e31fe99fe8e79785843f0523a9fd2716fbd31a1d6
758c12e129f172aae9fedc8758dc7a596b5be726455d3a97cbcab7aa7295ff8b
75923de2a993785ccab38a3f2766e0ef00649c91bce9c3373ea78fa40dcf68f4
75e68f6bd9e6a22cef0e97aa7cf61dca6b9afa6572d91517fdf799e11d4f9073
764c4e59314a2d8a37e8ce551762b2bfaa99ceadc48d55ae24e5b6f585c6e436
7723e81ff2b94575ad23a0be4400101878e64575b283044ba642b44fcc53cb63
77390a45ee324499d29a8ed051daf85943adde0c13e5fbf15afce4139619012d
785d2a3b79de241b223b69b3c0f95804da264cdf50c0074d0566e89bf11dfde7
78ccef7522f7baf479156fb561dba9d46ada560dd2c6345e207052c139fb1000
79fd83bcdd3db7cac0a11b39c2878c0aaadbe136cffccc39c99793ee6a428675
7a413c02c8143abf1d8c5183b85c31491e75e80d981f501ac05cc14d78921a3a
7a90ab9754bf4255790a397020c905838fabbc70b79a9b31660862a4f411ae14
7b22f933f5be3894fc47e2f4731be0b33aa1254c336dbbe772769f0b323075f1
7ba05bb9ee8a702ece737b9e8eee255ff1ac2a4f952f8f6dddd5497451b37558
7ba87d50b2559c604f49cdd54af373f2a9f032f8c7c4ee3358a32797e7610ca7
7bfbc44f1fd50ccbd8686d846b4b6d7c0ebb74ce8e3d2c1eb677964dcfb97cb3
7c00c6942c532aecc86522db81f50d1f97eec1effa481e2517090f6f34627038
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7c3e28378658977dcedf50881c5b9c15cf230fac7ca91de05bf84b112e31a037
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7c8b540f3ada00f8031b2cacf859e03e7afe1401e8e1995be5740d3bde6e2600
7c9c80a6c32c0619d61c28f28723e68c5f8f75163e77ee5cf64c39e640e0d71e
7cde5122b3c8307bdb041016e68226472014181eeabc4346d859d8dd58388732
7ceb51a366e31a656b8d60b37328a147eb414740bff06db6858805ff9eed5706
7d45078a116638574e085806e50bed6d3c6976b816ba3031a3b427615eb5992f
7d68e1b3634db2da8c394ef1754ae0bb9e0fe14e550643e0b913464ce66ba6ac
7d919bb9219cd72d43ec8fea5306a9a28aa99c14388a879cd89a9919d9606ef5
7e949a839200592403a7a636c40a479a3ff25908badd1c6c2ae04b7a3702c366
7ecb84239efee9e3a2b1aeb935c714f19074d8c5cc36eca3cff464bb9ffc7539
7f03559454319f4e07953263db04f128744922af6aacdddf3a1f6570ef571a9f
7f5d73c848836745a93ff7aa540a8f83f9899e3668628f42e9ba0cc6ef5e0b32
7f6384ef592836395a0f2d66f918cad9252e888b92864b20f5999dfd235bee82
7f7150648e59a797d9677dc5820aeb64514ada661371f9b4869d9dfe028cad85
7f97172c879399928ec0ddfbf44fc9c89a5bf54d0e3d428de302107390110a5f
7fbde59772a429e282899baf18b36a95366913ee589af6cc86bea4512ae8bde4
8019297b697cb47883508c210f6a8d3b1d5b7574fb17c05c06e65c39d6f189ee
80285dfd3fe73b3736d5c9f1565b45e47543dddddce2d54c47093db9dbae0a43
8098407777ccbd8b229fc1c982b9cd78d4e2041d1b7f437d338b6715b3eb5225
80ceb24e893fe6b514a807d447119c2ad3b648300b64274170937454cb51fb4a
80f72b5d89d4e786dce9cb90234876f255718ae35b605c8bb3c12d2d7278bf7c
81182b8b4dcbf167013fe43ab96d167e717507a6d6023c56fa94b3913f1ca406
813cc6fd8b9ca945b39cb5490faea7624b687ae142d06c37fbeba4fc2bdc0355
81913b559dbc7f44bbc3f0ec1a8cfffeab10d3cda1b4cd1557cb13d9e10caa8b
8232d849159012c5c1c3a81c3b1ccdccfc871799d673fbb4fd238f8f2b6b3840
8241b0cb4844f15be34ad73a6d0a2d0b814adb57cf78b41575893c1571810b36
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82e400c090fb5260267fa339b115e8fe2cb3171303e252844d9756f252f39099
8335281e77851300a650a519962ff48977aba1ca2280ef8abfe648d04c16ccc6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8365b122b9687e93abba4b7c0e296b244a803044a5c02c3618be1cbb489b3d31
83762ae5792674c3d083cca14ce599de427a873b1541c4b3b2bfa31ae81288bb
83dc7516ab475af2f60455688ab9bea9806ea1d2d9f3b496703966a1b47370f0
84316d0f05abbf7b6b0ca0dfab38011c5e6eb16f19b01725488b72ce2e8ac115
8465cbf5bc8b82a9666d40a357bab3a016290618bba93e588929d884b3ae832a
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
84beb508090f334c29462d9d14c1ba56dbf81413248d72c7641c2312dbb39694
84c933abb8852d904283e542cf329db976e20701a1443e615fdcea32ab44c48a
851a1aace07f995f5075846e18098478b6fe7c7e921e84747504ceb39f6a94b6
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86ab1b9968456d72e1b3a6bd54ab3d1d92a1cbab8082a17c82da95a81512236c
86bd9f21bb4a8221fad8dd07771e0ae79c80c4b58e833f9386281040ac64c32d
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6
8711fcda086c75adcbbc36a05df01221429bb90fa994302632c90868faa73115
87bfcdc6b3c61567aed26c9f0687c830cf5d948a81b5df9acf75163ecee402be
882441b5453d61d492bd76c8101b6f83884902ee7a86741d33f94ef682e35f76
882f6374dd8ce09f54bb8b910320b08eb423e869e148dd1bd063f00ed68d139b
88b7b4898a719ce5a6e3bd5e2c537e08ffa5b070a72a94021a378751d39bf243
896076805bdc760cca1ae485f0eddecea7f62ecc470d247f84ccd8cc02ec6dd6
89991823a731f0f5b97dd9b14379eb2a5dae066e9298948165a0e182fdcb5284
89a8ef835f0834ede595074d5ff694ef73dfc369b95d99cb5becdf4108f2fc56
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a2059e6665034e930dafc17ed6efc750d1a2d39cdea517c7e5b4b3a529325dd
8a3dce7424732e7e5da95dd4d38203a1c6158c99af9825f75db76e0343c3245f
8a9e7c3f7718290bf26b649ba64395e64c02fc31df22dbe4e87be1969c51e433
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8afb7b16db12143090af897471534a4798ff7e1977711c8b631eaa9b87197418
8b280cefef6fb0b9a2afd13379325c5a97441571c0756a17b461238973aa2242
8b3454bd963eb317834cfca823fd0d6ebfb59bfebf5479dba40d4706b12248cf
8b4d701920988ac424209a3d0a821ff0064b11d2119843eb4ec8d6ff6cde6096
8b88213f964fc3893edafa902b83e9253ddeb1650ce0ebb93f898aca29f9f694
8bc1a93771d94872461883f2291a48cc07fb795159ed7309a0ec958b8c76c02f
8bc72d7cd4216783222e6631bdd84bd3f72939f7777ca20d461c14c4ca9c034f
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8ea1003e256bc3963a0bed50a6f83993ef867fde2294e1a8020e886327319a9f
8f532cd196db362696a6dfad2ff370756a8b45b096c35eb2e9c8261f76878bfd
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f6e92dafe4dbb5369be43a42001e59672824423207422b224868ed88e114c34
8f8ba42d03a7c5a04626835a48b8212f61a3440e51d66b4b866a8d20acf32f57
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
8ffd0935d3a74bdffa6b8a1595b08705a25f6b3a07cef2c3e250332b30c24a8e
9144988e999168dfa6703f1716a7ce030b5803a87b24afa6f1a7d0e9c3a8c7b6
91463f3143ac0c91af52387b9db4299fd177ace25f22d27350dee507ab654ee8
91605739a2dfb9746ad599e1d4e88499641083f2fbd8017262853b605b3becc3
9163a9e397d818cd252d74c78be9e5a8dde68c72cabde38dd2a8c47c8c611f59
917fbb162b3f8ca31eda6df68a4d64527e81112d2bd71fb27a51dff027eaad8e
918e97a6c17537a730fd325891dc6bd246febe5a65b988ed6fda657386fc3ea3
91bcc65a1a6bb4755e48576889ae27c2f620e49d126b8127dd16c1a99945b9d5
9218fb7df183eae169db7c9582bd85fee59ba2876edb2d5107b9ff5f7bf5186e
92627de3f8247ba3779c04c97da834843cd2ce0f9b8bcbc90d5de669286c1812
928d1c50f77d48e64b3461df0c194a81711c6528588849fc99710f96541cc51d
9294660dfa6ac7bef0315e0dde4d9e7e44b50f0b9de25bfbb721c092b9cf5afe
92b7ba6e8df74d4f0e91329b48a2e6076aeb996d4b853bb295c55bd38840d459
92c64e3a90df6fdc1a33494595991d91442c4d5a5513acd0300598f7a7ed6da0
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
92f01ad37baeed3375cf1c566e6ce76412c35d5f7dc91a0e184bf0425518b263
93333b694a5fd2636ee7cef4db9507f215b598af30400008adcf36a348e76d31
933ff38629199ba200d23e1a3afda3ca9cae06352169926a4609942ab4d3742b
93581304ff469db5b5b26d3f7546ea6d7a2a362b7b2981020aea277cda93ab68
937085b9310af935b47f756a6326f86351c9fa0066de9e313e8cd6623ca0f888
937655246dd3b3d63a161d8160b690a8239b3932fabead1b0a3606993f487a4b
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93cad8f03e2ccce52695f25a16e31167e913bed577f796e98ad138c983092887
93f2b78ba732ee63eb6163adf13393f94334dfaea23f9177b2412226bde453dd
94168c869afcda4c97d8247dbb7acb00a8b551b86a427ad72deca215f5813a90
94b68157858c369d59cdd46c1f86b553316db7417f0aa0778e4b60604285c416
94be8fe6d8e61460a6f3ef1f0d3db8853864b5c9a3c22fecb2b32472c1325fd8
94f59a48294d99f8d9b7632cd5a1742670c7735fe37ec7c555aab939b635fdde
95de51b35f4b003974cd6a3a2ebe4c0f02b95e625c250e20d61e5f953a717d50
964f6558ed8efe0721ade9d694ef582a68b7e6aeba4d098c75c8fd8f9659a1a7
96ef0a27fb2a76f331f10aee91d770a435b441bf158aa4f97d37e5dfc8c684ea
983231caca1b81a8fc08a98ddd8a0bebd38ef8e09ed6b7a4bd204fb60596ce10
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98cfe6f4aa87b4be21bb047d4634c94dd3fdb663b3e6232259303fcab6c8cb8f
98d8c1199a6b9cc2704321101b789ac19ff203961d9ff1668ee04d4d9224d9c1
99308cdfd8830639bdfc6e8d44e2a0b5a34bd814fc2b60e18aeb5591dbb727bf
9948774e9b048321605cfef3aaf6d566addb2eb53c6823fa0c506d05cf2a6d5c
99a7536110ef2e97cdff6da3027025626cb350fe88b01a6b8ac2c87b9ee4342c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a2add2e953096283bb535ecdfea21242f2b382e0d826b287fc27444a561267b
9ae8e51419ec5f93e3bbe560ae14a16102955743745d988536c0faf6d7c23bc2
9b10618d85227eb7b7f1563cf22be94be2177277866ed4592ffb6a7101f20d09
9b58ca17f7efb9c045f556b1f7c44eaef6a87e5fcd7ca8fb018937f1d4534b5e
9baea8d193994ee4c35764f8965fee1c2213db2278a0a0bfd6347252e8b4836a
9bea9774a7c2714797d8f83a8f4381ec099fc8a09464aa91c7568507c0d15e65
9bf7b1cc376ec1069df6a6dd8c98c8ed536bfaa25c081349024595e9f402a506
9c41ce61bfa0285a4cae1261b2800da44f21b1654c6f388955e53e357f0cfc33
9c96120a4fd07187e4c39edd86356b7135191b773821d8b61f1f54d4df9ece5f
9cbe332b08eba53d8ebc2ba291bd763b74cd6eef267bfa81d74a1a6ce89afd71
9cd17af00b58e83bcf70fa97448e21bc6def92af0c00dfa7349aeb3200c40b8a
9d484e0bc43c2fe1616f13be7286217a719cc4f38162595166ff05fe55bd08d5
9d5cb7a2e7ac32f3be6d9ed64f3f932141e003b179391227ceb63aaac3b5be12
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
9e4d956d497171b7f04076819c0b18845258bbd544af0bcb3c967f5b1d2a3b5e
9e69f5fc00bc8a4343aaa025e8c9ce3345ef0ddc644e5e06f5b91dcb1c0c3c36
9e87a823eb5e5b9b68b3389abaa2296f17b99bc1e4ce715a22fd4425bf127f85
9ed6b6f8ed31dd950c98bfa39a54aa8dd525f62c6f645f5897757c6be4a7ebde
9f5d5049f8b35d10681d9cbb884069cbb3467b8d415c06c36804a9ea6234ab69
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a046f917d0acd052e2ddbbed8888cec164adb8ba3224c9a6244b628cd8063fa8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a91a7fd74df3eaad9dc98e269fc0f52c0fd6278a951c98809d7c523f8110bb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15fcb2453f1234a67fa10a26918e1e5e4f749725ca6ddc3689d69b0c588a890
a1749f37e3d13616a0d9b346b2da534229874292fa2e480d7c52bb3082c8fe0d
a1a5255fa49421995766043803736b92e2b8bc546bd992fe06e180effe0a119d
a23e6046c20c4b7a248a69d6b21410e1149ca9e531ab5561fa88f8a691d75a88
a27370277243984870dfc67b36f3f2bb299738ec7d0b4ab2e4b447f23e612ec4
a279675589a8d7f06c9e70a5fd7e082a736aa7e8db90878f0a46ad99d18a0d91
a27cb37cbd0004821affaf75f4349e9ce6686b587c9bf8c6fa1a3485e7bea4a0
a2dd9aedcd7ec64cdbeea19974bc3740698aeaae2d0652ea72ac0cfd190cb8d6
a31aac92e848f9f6d600904d8fc8206d2857e8baa563564f8d75d4d8c2b9a28d
a3ef17b26732b63a74261e5ab0c680be36655833f48192315326be2f5a92819b
a4828e9c469bf9c4a59364969f8c3d95830efae62ad729eb1afd6a035c23346c
a4eb53d86014ac44f6f609a99b3f46f7a569b43a95a311b5e0335ba71db64f0b
a4ff540b2b094a846ed130b2dcdedb8d59dfad9bb9a6b24f5afd315b507b74e4
a576c657185f4c5e658c5ca84bc69534a40d87eeca7d0541fcb414634e4b76c7
a5ad6940a6a0850d71781ca95d3af5960c6af7432250ae9694cdb319426aef48
a5cf239c7e8d9f9941c21e599f20f2f4dfafa423a8c482bcdf9647fe97d8f873
a5d9e3a643c9f14582d15e8f1c53b75b734bca525a751aa416e6aa1fbecb67ce
a5dabed54019cdc6c9853772ab679ba81d4e1d4e560d7dbe585d0cb5d77b2548
a63188865c79b22e183e7b9f196ddb436355389943f42585f168ad7f2c0a0072
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a6cf3bf775d68a1ca2cf2017fab25029316f54d60457afad1afcc3f38bb98d41
a79bf273bb7741d5756c135d9f9c487beea96c942f1936dc7a6155ae634d76ae
a86c2d31450ef99ca07dd290564d73017e868fa3b1b028691ff28998cd542444
a89998063052015a64f4570bbea9283c2c553981af67171722e4d025336eeaed
a8e309e5f3097d6ab1acbed1a0c14ae969e9c17cb0dbb8f2dd621bc069bb3d9f
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
a9daaba14208d4a11facc1c74d4fac2717864aedd04b68d1f3076ffee8863c41
a9df5157dca26c2b514915e3b098e65cbd91132f736c32ed47aeb50626e02c14
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aac033e01ef2e328729a0727c202379dbcc91ccab10732b02a6a958cb5833319
ab3bb5ecd333f5d9dee6a2b38e881142bddbfe04e9204a02b592c21e6a9db1e1
ab925196fa47dc7d1d177dea19fe5d608e6f1821306baf2ba42a22eef9b440ec
abe87445e2b7af2e7621b6d388e56c6bc6a480b07730e8e0288dcf5044a36912
ac1eb9e71e8e1553c1fdb7178679e4b7cb9baa8c23feeab2895ce10f0c5d0f18
ac6575b4e4685b3f889dda249cde1634551a9f6b47c52f5dd930f8e00e4d5b18
aca85cbd7bf3cbcd99e10552b9c13253881d78da433dcaccfe4a80029cd8309b
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad1874beae3e8188cf74302cd05ad8e6a09af063e1db72ccfe61bd03dd4252e4
ad9bdf341e0179d6854036efb9a7a9bd336fcc69be56c0a4e31583443350cf16
adfdbaf24adec41a47a72f9acc3f245b16e833df152ca6f8418e969db19c7fb0
ae5ee4ad97328784ec6723a5407cea1e0e92ffbf5b6d97f28afccf2c99907f11
ae878970a267feaed866c16cfe9d8b2fc7896eef8abd7033fcff0d65216e425d
ae919ee9c78833c90e8f241bcae81f6b50611cc0dd4953f67d3c44417a744b29
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed2024c0b547dfcf4693718aa6b73058c09bbc2ffb4608033cb1c5cffd2ac19
aee2712bbd80a81b6c5c4421c02058f44d665a919f38d6f1f0bd24aa31c6ca08
af057a99b1da3f69929dda882dc3eaa8565542904ba7fbca35373d3ce97cb410
af661747e1e16baf44ab1687ae16a5bd53e09dc39f110beb2e4532782f2c5047
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b0a16378462c7afcb27d8e14cf50e2cd3a8980af2895d20622640b096920719e
b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15adda52043ab41ba5663be05a91676db5ff3ad95e82dfafe7c5047eedc3f26
b1722c4f4668c6ca36464f685eacbe71f72ff778b3b3567f0e07051a8f28abad
b19e8dbbd79974ba97bf5cff0391068a3c0e13f5107dcc501c56d4f7a1cddf23
b2239a36b676f56ac4569b253bebe7fd244c22f91c76cee060640386cb16020d
b26601e12aedd0c035104155a3377019fa5828d0dc3cca93297f28d718300642
b29d62fdba4bbbc875a4bf51e484b0ab6f536c3ec2bdc3fc1641ebdac59f3310
b30c758d4aa3e073432f79d12e3d96dccf4f13910d23ca320966e20d31e5da16
b31463af176eed7d861b071718190de412fe975d4cdc5a49bad2d78cedeb5f1a
b4208c430fb204fc4903653c1c36f9832e2c3bfb742a6828e96878e328d8e26e
b4615b270f1614490ade3e656c3a497aaeb725fc218150238d59df0258a0f3c5
b48d700842352e2dbc3982fe976c86be731d30d4fbb28f277d5c772d9ce025e3
b4b9b83d308504fd4fc66fa4ef87c91f91e0ba6dc4228bfea3bd2e61bbb9c9ef
b4ca6161c738358009076224e8d00fda43172316bf45d9d7a5de2e42bda895aa
b4d13db2de7ca2cfbdb0898a8d4f2b681438d63b6d037ab050ef3599773056f6
b5790fdc520dc762e02c4acb1cd1fd5678c507e6ebdaee84081c4f65f692da08
b57c90a0d1aec3b3d1b8f8ccbd7b097b511e5fb90cf0146dc0a520853cf9ba03
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4
b5d78ee44663a348467758b38c5989322ef4f76fff66df3efd69e987cf483d3f
b6a3d6278775481d7aaa4e7464e5f82b70a49a9638e1800af94e76b0743ee778
b6d6e8d1120817fea21248a33d88e38e9ffe5de7f6f2c74aa97c7f6b9f03d58f
b6e055ad6056d64c89133fd73e9ee935c068d8bd3ac09366d5d99f9eee99e3f4
b716c0dcd7b9f350e189327f96a651160b4a0611b32a6117ee37ed5ebfaed0a2
b74e7c9dbf57703b7b6bde0f9ef962837d00c74dfd9c5560e88ba61ea47a456b
b758a777aceb46ebbd79d05ec54618696182e0b29dd7dc679e0403f085cbcd4e
b7c513688c795561881700a98914e119134e8501bff14df90bc0340824b26f51
b86a66f50a52eacf8ebea7e083790e4b094d740c7abd4ee07f53e139a6ff5e71
b89490183a20c6a3103c95e9e6c19ab00b940033e4113b2a49d79aceda1fd767
b93627015c8e3438c18d2665587b51ad87e533d2263d3fbe339d498b7c39c965
b94a7ac6e5f81b1cf433b5c82e5c06748ee00d8b8ad5bedd1b8f38d4a05109ba
b993a0e8f3f053b76d6b10a7ff52f78d56a68242e27cde6737af3bea128e1749
b9ab27de86fce7bf205e67e6b11c04563492b44b479a7140e5fc5dbe97543dc2
b9ef6b93b933f351d6260ea0b61c8d4e15cad49611918012783162d31113573d
ba381e54279a07776f1bf69131b32f3958acdff2e2b37334dced95c4e0dedc50
ba5d63dc515a8939e2b084b83d652fdb46982ac65b77453f8e3da6b867dcb2e1
ba7d7f7dce9a821137b1271aa91d888b437ae493762d78490d9d7ae854517110
bb21b6cb45c56256ced8bcae650594f3e14c8bcee7013572554576a070d3927a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb42ff5a78359c49c34bd30860aad34c6f3f70b8d7e32bd7d0fd0e37223c3229
bc0e8bcc565697959dad9dafcb30e7579dfba7ab45657cc717d223f4ed9f9f36
bc31b9b025827153b089db7a3fbe7ce7573c2659789b5cc03e26c4db75ad9d26
bc963209fab0fc1c013cb4b1759eaa2b270d4287a3db2586d997bcde16f45e72
bc9f2aa22ea6825332c5bc97fd008bbe797d9c538f277cdcb90a4244ea18dd14
bca9ed40aa045942e8c3bb0b3fa71e447100280ef0ce594dfe5cbe3c121313af
bcbbe2e154b5818e787be5f5098e03070aef90b6234ce15f3c91b0921b3d1488
bccdd7642abcfefe194b6974ba1509cc41ad83ac7e06e7e948ad68d13cfdb8d9
bcfbab9fd00258a8a7a78fb08e87e31df1108c7db3947dee810a8116d2559ce4
bd1ffd0298a29b2df605ae5f258324b2a5a0f8fa59f74efd92b775c72c17b086
bd29580015c758edda76445651c82c5fcc099a3e4e3759e7d9da7cf189f3c756
bdfd00f7b41a504579b6f10fe781557c69bb449f1d924aecfd6467d878892106
be823ab7fe388a5ce85613917be244c09e73f0053ad2592affe8db1cf218b88c
be92a2ad52afeb0323d6168d96e8437e9609f51c24f7fa4d3d58befee5303228
bed5d0e0cec310f5360af63da4f7b90992f0ca27ee8b1f93cbbb5a52af766141
bf7056d5d008c7f1efae8a41645921911e3e2875341cd456dcbbb16847c06c14
bf78c28c8eba54a6803828ef02f12bdda25d481e00658c84027298547f206b16
bfeda77ff4846c374e28021daddea54822643038b398188d1a30a64114bb9b64
c1386718a8ec989b9968427a08fa8e0de0a6d61da8ade2ea506d49a3b370fe0e
c1c001fcacb2f53265674bfa125f81bef666729fbd0e0493bf5e67b3b20cd7ca
c1ca96e701b29847bcfdc7862e1d5db6a9f99854bbc397d3a0932548aa4a6e19
c1f04fe21bbede0244ae0224bdf117c5568ec2507e1e82a70ebb76b3943f1d2a
c2185bec7021207aafdae627f04944bdf4da8c35d27a54c0dce4ffad77259083
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f
c2d1946cab10182e8a80eec47ae0c2023cffa0fc715b041d53f1cd4e2ec679c8
c2d276985e5f2143dddcb2c771c522ccc853210195098e6bec43d1b005b3b056
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c32d1929b26bd7d736ea97b24d06b86c96a77a0158160f46bfd2cf95ecaa0c3f
c4a478f209dddd433c1849f661b71160f14ad996c9c075e5f4b7fbeb21d1bf0f
c4cf626d6d28870cf28eedddfdb8582e52c3f1e16cae98647f3fd6c8f55b22e6
c5540ad32c424c09694068ccab650e3d5cc174efaf14a502427371de5a10bf63
c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f
c5b894e92e022a66ff2e0936874ba037fd611094ef9f5e353ee3ca30700bba7c
c63f50523e60884764c5d882996837b330c1bf60a7579e8803c16016af200250
c64a48321da0218bad3d29567bb412192058d86906b9356077bee2a281479c8b
c6b60b96d840a52993cc982716d6085ba61e214997b995a0d5e010b2cc4771bc
c73375eb59df657ad502e98ba1d00c19cff4db28839900fc20b2b2d54bc79c5d
c734be56350bcd36f0880348780dce06a229945e160eee14c6c7b10ff857333a
c7380dc1c6115b101cfb8dd0e2f3c59aebb8a6f244458068013cf9bf420c5d41
c75ff8780341ef97fdfa3ae880a49d8f8f99c7c6358ca8de16001b0980ab6e3f
c8bf555039a25ddd0b8db4e0e409887bbfdd4e3b34aa13421fec724b0b9beb00
c902bcfe3acffa2a982753f421547f5d090043271051a4b8bc7b245921a16386
c9066107ae3bca7d986d94311fc534c472a7aae6f7f53eeff674454fac46a958
c93bb666edc38f9d86ea123edcc394ba315cde251fef36d363e9298a84a1b09e
c95b3a784ad35fd4c76d642e8f36e3439e7c48f3b00f7108349e16c8c952baeb
c98352dbbfb6f41a5900d81b9266f969d4fb7db95d333df84860b0267677382f
c992bb054edcca497ce40a74bf5baf14918d2fa2e00b0d043fce982fc771e40e
c9f23a498698696aff8d0324625108ab28c9d5f5c885da7cdf3ceab6479181b8
ca1ac90fb5d1ac43c040ca306fc9e41aab10aa9cd85dabb82a3a3428a817b30f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca76ce69d839094dacdc803824280f33792c3d6b7150878f6fe21a87a903ed2a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb56dbf2b8e6a52a7103fe96d4f71956b889c3b91925d465f308a8f7686a65b5
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
cc6b7dc19843946b37a7b4b17fb6686dc16860f95e47ce630cc699116cebb083
ccb0952eb11eeeaefbe2819f90f79681b9babec310ad39d1fd61bbbfc2e72259
cccc0bc5e99d5926b70f2fab23fa277f920503bd4daa45a1ff9e74ffb33353e6
ccd532317ed10e516dd0052790507dfc63f6e095085a90e0e1657f2ad590de97
ccdcac49567850ffd4891e52abf3a4a04a2620267f9b0f4cee113506e0d2a733
ccecd5d5b295cad26d151768b34974b82f611380abf1a55c7bf8879c33d2b946
cd0ecc577dccedea33076edda87af175ef51b0877785460d6ca10a8d6ebfc7ed
cd9328d4bb26950bb9f78d64c39f7ba35c36c4273d896ae93efa2d560411cf9d
cd9f1e240cea795fe86e179300d6d718de0370f0137c3e69250bb2ecb0bcdeee
cde43191da9b04dbd6a0555041d65c1c2ad3b098179d4719759f08ab1e682da2
ce2045623d9da8bb8eca06dc5bf7b2c2a6365c02f21e36202db967a2ea5e5811
cf106de0f6aae9d7778d2e87752bf4bd8ac65f9eabc08e6cb8c85559558080d7
cf2aaa369ca227b39d336ab2509813b13b3348f298caa7bff934734cdb0ab5fe
cf3bfaf226426b3133d84ad79a74aad40d04da37a4c770a80cf200c7dc615334
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5042d32f70606e81c5dc869f64daa38c4b9187b17e2f01c986c32061338b54
d01d9248154fcc28c73bc1d1472645b8975d7f4a7d627378131b1b565d74c8e3
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0adbbcf933395d6b67e968dffcdd55639d88a4444c4f23cd8b34399201c140d
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1696ff2b156cf1853f5ed0651f3500ce58edffe63903daf2cc8175e92ac1059
d1735d8558a576cf0ea8421e25f53e3946fb983666ba6ec0a6816875bd59f670
d1f44e671a9c3fd6f883e3ef7c04150c97675f3d76099b21550af0c1ccfe9257
d1f997e9d36cab74d9b7c82335b21734e1c74b284d17a8b3df2aa3f4661d2f6c
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d2ad46eedf72d517ee7ba543dcab72af774be9be7547db24dfc494b70740425b
d2d0de3d7e8c4d1d2c5fcf9559684547f5ed3448aa6c3ec9ad359f923ae7fe93
d2e67dddc94d14f2a05d20e582d325cc5be65dd9bcd16d446a7164727b5fce87
d345b23766b28369c062ba78ee99e79f9aee5913b86d297e082bb4df135b8501
d35b5fd65497ae8d66b6e52bbad869c48bf379174ab0175f10e5d760741cbdcd
d3789c1c504990fbbc2e77341c1bc8714bd7b5d4235dba29ca3916c5bb152a78
d3a5e645788e94d908ec426ba424c5a3b76cc657d2028afdddc25131a8518a31
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d45ac9d2f1fa43531b6acb15b0b6b572f8b5a1065428a7ffc1dab7465f449a12
d45ca6e30d73b7b8a54c6ef25f3a8937ed4194a426a8029684c8c111dfebd39c
d4dd9dbc6099790b3a3807c15f4ef9b8e71cab2a4a646e256b47248a8c430d09
d53604a05fb19a8486234da0ae56801f0a0ac2fa9037c4416eac518e2315159a
d68d9fe5c2e13457907dc9b4962ddfbbfd68f5ada58a41a8f452e1a9f2333658
d70b9e24bca26b409b9458ceca6c9e5c2b5c3171c37ff050c6f6a0d7a4420d2a
d755760a25a3252ba4da7d35ecc29e8386e192f0048ca4c0fc1ddd0eebe2e514
d791ed66beb24fde8fa0a62a66490d54049c88cef4783b75328e06fb489a172d
d796ea3c90bab95eb0ca2b70aa0c2aad671b32ce71cdf695098340c8b2eb2ef7
d828438fc784fd8de00c317d60cd34aca3c0a86939d90f84d9bba2de44bf14db
d82df0138b12f3954d4be0bd5af3e74a1123f056188c3db7249c3376f5503e40
d85b0c45e4dcbe764a9f4750e9189f9167f947d68be7fb60626155c043ebf09b
d8684f3e89e8fcd27f22b3241b7d0c2f9d0f3afebb2ac7647df05bf1049c277a
d8b1c608de12a6eed60afecf3745bb5edbdc1787e96c5ddc0e2055c4b9de1457
d8da09dfc65b954c745b1a214f9665505f89a6340401b8aa5f3a4ed6a0a14b08
d9020a9e8ca290ab222d60df4b49824ea317eeea5fbe020caea10fbc9f682edb
d94f3cf69ae36b742281a39dc28746a6f3c753bc62a62e599d7e81c08826d3c5
d956a3ba29b5004b9fb06c9d3597cb214d7f6ed351660ba533e813155e1bc05b
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daba4266fa5864c4ee1e1f55c6e37ebdb8c85964448f5f411b096aba10affaf1
db8c8b622eba81f568dfafa8589d94329439d9f1c1812277aba700170265883f
dc2c49a20d1cc22ad98b6d26f43be4d5eb33dc0d17b0e04dcc9dab3c5ecf3741
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd163de50ee962fc9ae4fc57ec20ec75d7c80a9191ad21029ac4ed3e0d8d6472
dd5f99b359e7415612cfdb97fb432b570af813d582919d6cea3692bdcb7e5d0a
dd9bd2593bf28a139efc9398ec65ba300fa4132baa4d5b95123427a9cf3913fa
ddf050d4c054b44869858af8590f89e670a84b121e68b20d54975e20dc9aa259
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfd6160e17861a4dd42daf4143549bc85b9a059082e9df30e4400d0393c43d49
e02345f43db58226d399780770404f420e0259b0fd8c8612cb6e845f18ac16ea
e0a1247c732b236872195e1cedb855b2f3504aa6f212020128eaa6c6bdb529b5
e102f8fcda630190f1eaccad78339089dbdc4de850ac6bca7bd057db23d36e94
e1ada2a8aacfb74e1012ffa2663bf047fcea599e815b98401b89d1858168881a
e1b8df1d3cb758b158e721187cc1be8399d80ea37864a97f844a02bf78c94e41
e1c73bfe44727bed20ff334bbec27f1de0a82b1724bae139a28688edaf8681a8
e1ef56745c8a9e21f6b815dec4a97440fc975920d4e7a021ba518f1a9a229974
e1fe57a927865a31d8c8259f8316f44fa3b19de805b0bc964e829d81eebd1dbc
e2047e0eedac1ff5ff206229050768b94e116cb0dcbc9437407cb2408030ac99
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2a67499043b423a3f3238a862d287342cdfeb615b53c112a592dd7fe8c04709
e2c8dd889642487e976b8f78f3640dbe7ced0ad48112b972c21dd41f3617f09a
e3379fa21363a510b92dd51bf7e78b274860e9b488531bd1f39f081ae47434d3
e394d0e1624d50536c8bf44a11c732e0561842aeb7681ccf6d13230d870c2c95
e3aeeb9b76fb8242067c35d89b2a5281561e92a7c9a25239d630f818fe978a7d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46e92d366cb4d2141bfa5fc0e3234a8af2131742fb6745fbf1c41806106c260
e49e22ae110b355f66660a18e01d55499745467f9bc10241ca0c15dee91a7bdd
e4cc847c7c9cf182a981687311808fb5b15893a7ac91526b879dd2dca2813ff7
e526dec546f52d33e10654eb66ea362614d3bed63800892021fd0f977c5e8960
e5425a128404501abc9969d12296d66bd73d613a488934967042e6d1c193d10c
e577c9056e22205ba3500fa9d6a0a009fc016aa09de86561770ab915fc055c8e
e623d1366fbeecf1895178682ef93e48e35506d51b0babf424144b597f8a93ed
e62ccbe17b01440db36138ad3f9a9c193d4a5470eabe7f0e10079030693cab38
e6626ea6ce5d5211599e4c7c98959a18c840cf95f78c5e42bfb1ec92c9dad6b5
e682cb3815f258c7b53e5d8a70696c3c6296db1b37a04a9718052195063bfa16
e69bbb9d255e0800f75b87ed45302ff6dce75e08aa1223ec1e59ed6058cc3839
e6c54a23c0752a56383e49234bc04160e565a8b987089d96107cd6060c4fae9d
e7021ec0860bc9ddcc9c05cb9f1acfb1ea2e4fe710a04bee61f68027c7658d4f
e73d0fefe39957f20b7f462197cc3a7143086b772e818c859a7dc1a1a689edff
e7c87b5b01ff4bf19352661d595c622a8402a1089eff1f4fd4f751b0c799949b
e8156439b05cd9313f291403e0384e563d56c4b4ac2a1c14e84cf08f89b24c9b
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e862a40091ac327f1b947416b1eb7731cb0d98e23ca46371f799ff061e46546c
e8e507745e3d49bca97990afd69da76db5633ec37acd598c5ca957b92b2f9a34
e8f66125fd81f000f6336a38cfb50966fc1aeba124567f3c3be22394e127cdef
e90e53a8df5a4ae11d54f5d05f27e21c8b5b390bf430d119fc3ce660f05e2ca3
e91a270de5a3523dcad33dbafde167aed352447bf3e4308854feaf696f95b7f8
e9527bae31e7b9677fd555c796d7508c94dbf605e3a4e97e160d56a976f658a0
ea572956e3581f8805fff7c42c2b31a3c4902824a0e5cf78b5d96b12ea1717c7
ead142273ba55269ff400fda93a25f90583f483cd576f98ee720c05569e7a2f1
eaef5512d357749b8b67afcbc14f1f8142782d78b2bc63a45a3743b724499296
eb0ca965fb69c9bcee6beb126ddb7db6b9bc89c4458a5cc56d495eda98e01a9c
eb2ac69ae2707f6c71862add334e4147a7c94b7ba94641db4a3879e1963ebd59
eb5452a94fc36817c3c0af8d5695cb2419c5ca657cd2c96bb7fd716e0b357874
ecb21ebdf48e900b241c017a3a5991c54f291038c4b71ae9c65ceadc0a0c6e7e
ecdfa400855d3a2942065b7b7036b020e66d61547a26465637598a2078d46612
ed0575d51f4079c8109ab21a591bbbab7e2be1addf8300fd5e431633daaac71c
ede78d2b801ebf9fd9dab7244f4fd29b854b901ef4798168170c4d1b3664bbac
ee41b79beba26483605d00c7aeea29466de98c8cd65bbe53b4e93b9e25400794
eed5c8d96e6134f95ee14b0b3591625fa96fe6000156658bc66dd2e1c8d9e6c2
eee4b66ef1134e771b436c93ef4140469579a120d7fe4475b19859c2fbab49e5
ef0cc9533d83f9be7860ac3ce4261586a587fb4929bca92f56737c4651e609b8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef73a59e88671aa66a4cf82d2858a59c4f1c7587703f816632f85e45461cb12c
ef84100ac4f0ab1584b5d7a91fef88a8ae822e24ae633d48876b18bdb7315dbc
efa4025d1f80af52b3bde5aa3427b3080f231ca54e50315b386833bd58f4d5b4
efa868a96d117a28e0d2d0e338e2b248179d0247cd5e4bfa73363d8001e03a82
efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02
f06c36728aa3d48f164f74e52462612eb7597d0ca73153bb5858ca9a956fa987
f149423f67ceab2e28ca0b092dc80f612b3ed93a067b80641bf8c37f5eee06d5
f171a99c02f0132db8a7166defdd3db8fe19c024733b36b3a1ed57be78a5376b
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f2a8720de45d6e2afa1037156d17e6b24e05d98b9f3ffb06ea6dbd8faafb3297
f35ebed0d3f95eeb2732099c54d278e52d68129c453772b4de097ef94969fc9b
f391658d7c05d86109b2715ad7c13db5bb9f0b53240d484090cf1b3727a7bc7e
f41cb22f351b579a92ce50fa657167533a58bf918469869e71092fdba2ae2b95
f4eef8263281c0b26486637831251059757bc3fdc4c3a48045a8ef8646b36e8f
f52ce01db6efb560048591928a335d5e8a620ea5a5528f76384f5ceca40263e8
f5428d1ef9d83754dce94a68d89cfd445ee439f51872b5c6d687b646e40c6f58
f55c81bdb3f78501328d113278a91beca92f5743976b7df7f57f1a6c20c8cb9f
f61118c22c99bf2b12b877fc454591b2bed78c0105bbe4a0585526338c7c2187
f674fc1e2568cb5841f1eac4337b40539b93f6295c39f3ef435ed27c49e3ed3e
f7fc2ee49fb8128a69c38428e8c5609d9e51a83fbbdf782544d0f975b6a61d04
f845b66c2137315f5b7bbb4376744b132bb288567a742bc498b5d6a6a8c455c2
f87da225996ccd9d961b77099f5200344923108efdd812ffb4e8fa68dc6444b3
f8a4c2093f4f4d8efe044063279105517cda36cc947acce0f3180dd8455abaff
f91a1765ada3e1b0bd99d516b0d972e2170dcff318eda7b5efc224d034bdb415
f96c418cb67a96b7001341c3afd18f4ff470a1b53b1788c4f406468c1c9eb9e1
f9777b4b2109c19b2428e27e662efb111aa1370e71a5e81306c3975986b9ed49
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
fa99ee97df312a9d639815ab67e8d26a623f69a2b29c440ff10d54ac38997243
faf1acb4cb71c122bff2bc0bc2a088b3f27b54f57d951e79f67e72dadb97da50
fafcb93c31874d92a0466689079ae6a65b56864516d7560070007b3ec1210c1b
fb0b6f5143bd426f8c61678346a7b98537d7697e45dcaf4e8603010690621a10
fbf377e5f7d6d0389815b2c258aa04cf088bbe8c8ddd4d28d78637a501e17c2d
fc1cb3c1abed6cf3e265facd1e539be166a255907e6d21cfedaa9b901d1d1d20
fd56632b4b07ce2bd408199103760876ef5366d846cdca5b184e04f456eb21d0
fd71dbbd1b814d65ea512a3653f2ad2122db9724367ffa77372e203ac4d8f290
fdbfddeacca164c72809d65be2542f9f24f541d226871af20ae1b11681c1ab49
fe282ed25faa99bb3fdf3b2f06a8cd645a2f5dffcd3d1641c4d46dcedc4e722c
fe3433d10b861b314ff938563faaadc26c2948c5ab4e797334e40cd23b404750
ff0ae5d95d2b1b4117efd591c4407abd19165b6a906d1451e352e26c39ec4284
ff6e20c45a4ddce54d990b61e87110659dd2765e25fe83c25da4a4ab6a793b9d
ff992f86e73074f88c82d1efc285ec8d1c3189925541f23d94b6cb5420d63e5d
ffa2e70c964ea101d4fb17cf4116064c9fd5f08575949a701cb6cb94eae28c12
ffee138fd5ac29ce5df591e6a0f66d2026c780ba51f7da9ac8d1e7b22117d5a5