28bysamwood.com Open in urlscan Pro
54.253.82.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://28bysamwood.com/
Effective URL:
https://28bysamwood.com/
Submission: On October 27 via api (October 27th 2022, 4:54:37 am UTC) from US — Scanned from AU

Summary HTTP 190 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 70 IPs in 9 countries across 56 domains to perform 190 HTTP transactions. The main IP is 54.253.82.12, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is 28bysamwood.com.
TLS certificate: Issued by Amazon on April 22nd 2022. Valid for: a year.

This is the only time 28bysamwood.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	54.253.82.12 54.253.82.12	16509 (AMAZON-02) (AMAZON-02)
1	23.54.56.167 23.54.56.167	16625 (AKAMAI-AS) (AKAMAI-AS)
3	74.125.24.95 74.125.24.95	15169 (GOOGLE) (GOOGLE)
19	52.95.131.18 52.95.131.18	16509 (AMAZON-02) (AMAZON-02)
1	104.16.93.80 104.16.93.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.54.56.217 23.54.56.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.4.97 142.250.4.97	15169 (GOOGLE) (GOOGLE)
7	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1	104.69.149.41 104.69.149.41	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.251.12.139 142.251.12.139	15169 (GOOGLE) (GOOGLE)
1 6	142.251.12.154 142.251.12.154	15169 (GOOGLE) (GOOGLE)
1	18.155.68.61 18.155.68.61	16509 (AMAZON-02) (AMAZON-02)
1 3	142.251.12.149 142.251.12.149	15169 (GOOGLE) (GOOGLE)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
1	151.101.193.131 151.101.193.131	54113 (FASTLY) (FASTLY)
2	23.9.178.224 23.9.178.224	16625 (AKAMAI-AS) (AKAMAI-AS)
5	204.79.197.200 204.79.197.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	103.229.10.247 103.229.10.247	16509 (AMAZON-02) (AMAZON-02)
8	104.88.70.195 104.88.70.195	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	119.161.10.11 119.161.10.11	38032 (YAHOO-HK2...) (YAHOO-HK2-AP internet content provider)
1	182.161.73.133 182.161.73.133	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	3.234.95.123 3.234.95.123	14618 (AMAZON-AES) (AMAZON-AES)
2	54.87.231.226 54.87.231.226	14618 (AMAZON-AES) (AMAZON-AES)
1	99.86.159.12 99.86.159.12	16509 (AMAZON-02) (AMAZON-02)
1	13.33.33.116 13.33.33.116	16509 (AMAZON-02) (AMAZON-02)
2 5	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
6	142.251.12.94 142.251.12.94	15169 (GOOGLE) (GOOGLE)
1	54.192.150.40 54.192.150.40	16509 (AMAZON-02) (AMAZON-02)
1	13.33.88.124 13.33.88.124	16509 (AMAZON-02) (AMAZON-02)
1	13.33.33.118 13.33.33.118	16509 (AMAZON-02) (AMAZON-02)
1	142.250.4.157 142.250.4.157	15169 (GOOGLE) (GOOGLE)
3 5	74.125.24.103 74.125.24.103	15169 (GOOGLE) (GOOGLE)
1	103.237.104.82 103.237.104.82	53580 (MARKETO) (MARKETO)
6 8	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	151.101.0.84 151.101.0.84	54113 (FASTLY) (FASTLY)
1	54.254.43.115 54.254.43.115	16509 (AMAZON-02) (AMAZON-02)
2	106.10.236.146 106.10.236.146	56173 (YAHOO-SG3...) (YAHOO-SG3 internet content provider)
1	3.26.166.39 3.26.166.39	16509 (AMAZON-02) (AMAZON-02)
2	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
7	182.161.73.146 182.161.73.146	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	13.33.88.114 13.33.88.114	16509 (AMAZON-02) (AMAZON-02)
1	34.248.5.173 34.248.5.173	16509 (AMAZON-02) (AMAZON-02)
3 3	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
1	13.33.100.47 13.33.100.47	16509 (AMAZON-02) (AMAZON-02)
2	34.207.12.71 34.207.12.71	14618 (AMAZON-AES) (AMAZON-AES)
1 3	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
3 3	104.254.151.60 104.254.151.60	29990 (ASN-APPNEX) (ASN-APPNEX)
1 3	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 3	18.140.149.174 18.140.149.174	16509 (AMAZON-02) (AMAZON-02)
2	104.83.196.24 104.83.196.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.157.80.69 35.157.80.69	16509 (AMAZON-02) (AMAZON-02)
2	38.133.127.31 38.133.127.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2	52.74.74.2 52.74.74.2	16509 (AMAZON-02) (AMAZON-02)
2	23.106.127.38 23.106.127.38	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
2	141.226.229.48 141.226.229.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	23.36.49.63 23.36.49.63	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
2	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
1 2	202.241.208.3 202.241.208.3	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	23.73.13.201 23.73.13.201	16625 (AKAMAI-AS) (AKAMAI-AS)
2	3.37.124.92 3.37.124.92	16509 (AMAZON-02) (AMAZON-02)
2	35.76.245.45 35.76.245.45	16509 (AMAZON-02) (AMAZON-02)
4	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
2 4	13.33.88.101 13.33.88.101	16509 (AMAZON-02) (AMAZON-02)
2	23.213.43.197 23.213.43.197	() ()
2	54.255.95.76 54.255.95.76	16509 (AMAZON-02) (AMAZON-02)
2	35.160.185.12 35.160.185.12	16509 (AMAZON-02) (AMAZON-02)
190	70

18 54.253.82.12 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com

28bysamwood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.54.56.167 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-167.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.95.131.18 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.ap-southeast-2.amazonaws.com

samwood-wp-assets.s3.ap-southeast-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.93.80 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

app-sn04.marketo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.54.56.217 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-54-56-217.deploy.static.akamaitechnologies.com

assets.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.149.41 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-149-41.deploy.static.akamaitechnologies.com

a20393310398.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.12.139 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f139.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.154 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.61 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-61.sin52.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.149 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net

11063240.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.131 (United States)

ASN54113 (FASTLY, US)

a785103026084cf5b58eb82dc405c5b5.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.9.178.224 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-178-224.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.88.70.195 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-88-70-195.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 119.161.10.11 (Singapore, Singapore)

ASN38032 (YAHOO-HK2-AP internet content provider, HK)
PTR: e1.ycpi.vip.sgb.yahoo.com

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.133 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.95.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-95-123.compute-1.amazonaws.com

q.quora.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.87.231.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-231-226.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.159.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-12.mxp64.r.cloudfront.net

public.profitwell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-116.sin2.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.156 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-40.sin2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-124.sin2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.4.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f157.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.24.103 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.237.104.82 (United States)

ASN53580 (MARKETO, US)

678-qxr-802.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 182.161.73.136 (Singapore) 6 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.84 (United States)

ASN54113 (FASTLY, US)

log.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.254.43.115 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-43-115.ap-southeast-1.compute.amazonaws.com

a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 106.10.236.146 (Singapore, Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spdc.pbp.vip.sg3.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.26.166.39 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-26-166-39.ap-southeast-2.compute.amazonaws.com

fycdai.28bysamwood.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.33.88.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-114.sin2.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.5.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-5-173.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.24.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.100.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-47.sin2.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.207.12.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-12-71.compute-1.amazonaws.com

a785103026084cf5b58eb82dc405c5b5.events.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (Tokyo, Japan) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.151.60 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 139.5.84.243 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.140.149.174 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-149-174.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.80.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-80-69.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.133.127.31 (United States)

ASN22075 (AS-OUTBRAIN, US)

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.199.150.86 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.74.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-74-2.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.106.127.38 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.49.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-49-63.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.71.178.8 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.241.208.3 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

adgen.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.73.13.201 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-13-201.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.37.124.92 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-124-92.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.76.245.45 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-76-245-45.ap-northeast-1.compute.amazonaws.com

cs.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.88.101 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-101.sin2.r.cloudfront.net

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.43.197 (None, )

ASN- ()

ade.clmbtech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.255.95.76 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-95-76.ap-southeast-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.160.185.12 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-160-185-12.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	amazonaws.com samwood-wp-assets.s3.ap-southeast-2.amazonaws.com	7 MB
19	28bysamwood.com 1 redirects 28bysamwood.com fycdai.28bysamwood.com	453 KB
16	criteo.com 6 redirects dynamic.criteo.com — Cisco Umbrella Rank: 4383 gum.criteo.com — Cisco Umbrella Rank: 425 sslwidget.criteo.com — Cisco Umbrella Rank: 1809 dis.criteo.com — Cisco Umbrella Rank: 679	32 KB
11	doubleclick.net 6 redirects 11063240.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 stats.g.doubleclick.net — Cisco Umbrella Rank: 84 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	5 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 872	129 KB
8	pinterest.com assets.pinterest.com — Cisco Umbrella Rank: 2663 log.pinterest.com — Cisco Umbrella Rank: 3737 ct.pinterest.com — Cisco Umbrella Rank: 847	22 KB
7	google.com.au 1 redirects www.google.com.au — Cisco Umbrella Rank: 23161 adservice.google.com.au — Cisco Umbrella Rank: 109731	2 KB
7	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 400 adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	3 KB
7	gstatic.com fonts.gstatic.com	158 KB
5	bing.com bat.bing.com — Cisco Umbrella Rank: 379 c.bing.com — Cisco Umbrella Rank: 236	13 KB
5	ubembed.com a785103026084cf5b58eb82dc405c5b5.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 9765 a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com a785103026084cf5b58eb82dc405c5b5.events.ubembed.com	61 KB
5	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 131	36 KB
4	smaato.net 2 redirects s.ad.smaato.net — Cisco Umbrella Rank: 717	2 KB
4	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 344	630 B
4	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1242 ups.analytics.yahoo.com — Cisco Umbrella Rank: 294	2 KB
4	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 789 vars.hotjar.com — Cisco Umbrella Rank: 916 in.hotjar.com — Cisco Umbrella Rank: 1656	70 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	106 KB
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 714 a20393310398.cdn.optimizely.com logx.optimizely.com — Cisco Umbrella Rank: 1224	96 KB
3	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 373	1 KB
3	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 681	1 KB
3	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1351	2 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	bidswitch.net 1 redirects x.bidswitch.net — Cisco Umbrella Rank: 303	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44	3 KB
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 528	675 B
2	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2114	935 B
2	clmbtech.com ade.clmbtech.com	560 B
2	adingo.jp cs.adingo.jp — Cisco Umbrella Rank: 3324	825 B
2	dable.io adx.dable.io — Cisco Umbrella Rank: 15915	283 B
2	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 539	1 KB
2	socdm.com 1 redirects adgen.socdm.com — Cisco Umbrella Rank: 17682	2 KB
2	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 1698	574 B
2	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1296	463 B
2	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 640	1 KB
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 554	559 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	2 KB
2	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 706	1 KB
2	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 832	453 B
2	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1259	2 KB
2	media.net contextual.media.net — Cisco Umbrella Rank: 570	1 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18762	36 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	203 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 494	7 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 948 pixel.quantserve.com — Cisco Umbrella Rank: 516	11 KB
2	marketo.net munchkin.marketo.net — Cisco Umbrella Rank: 2933	7 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	170 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 798	22 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	174 KB
2	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5337	2 KB
1	cloudfront.net d9hhrg4mnvzow.cloudfront.net	5 KB
1	mktoresp.com 678-qxr-802.mktoresp.com	487 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 876	2 KB
1	profitwell.com public.profitwell.com — Cisco Umbrella Rank: 5991	9 KB
1	quora.com q.quora.com — Cisco Umbrella Rank: 2946	423 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	7 KB
1	marketo.com app-sn04.marketo.com	69 KB
190	56

	Domain	Requested by
19	samwood-wp-assets.s3.ap-southeast-2.amazonaws.com	28bysamwood.com
18	28bysamwood.com	1 redirects 28bysamwood.com
8	gum.criteo.com	6 redirects dynamic.criteo.com gum.criteo.com
8	analytics.tiktok.com	28bysamwood.com analytics.tiktok.com
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com.au	28bysamwood.com 11063240.fls.doubleclick.net
5	dis.criteo.com
5	ct.pinterest.com	s.pinimg.com 28bysamwood.com
5	www.google.com	3 redirects 28bysamwood.com
5	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com 11063240.fls.doubleclick.net
4	s.ad.smaato.net	2 redirects
4	idsync.rlcdn.com	28bysamwood.com
4	googleads.g.doubleclick.net	3 redirects www.googleadservices.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	eb2.3lift.com	1 redirects 28bysamwood.com
3	ad.360yield.com	1 redirects 28bysamwood.com
3	r.casalemedia.com	1 redirects 28bysamwood.com
3	ib.adnxs.com	3 redirects
3	x.bidswitch.net	1 redirects 28bysamwood.com
3	bat.bing.com	28bysamwood.com bat.bing.com
3	11063240.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	fonts.googleapis.com	28bysamwood.com builder-assets.unbounce.com
2	beacon.krxd.net
2	sync-criteo.ads.yieldmo.com	28bysamwood.com
2	ade.clmbtech.com	28bysamwood.com
2	c.bing.com	28bysamwood.com
2	cs.adingo.jp	28bysamwood.com
2	adx.dable.io	28bysamwood.com
2	tags.bluekai.com
2	adgen.socdm.com	1 redirects
2	ups.analytics.yahoo.com	28bysamwood.com
2	criteo-sync.teads.tv	28bysamwood.com
2	sync-t1.taboola.com	28bysamwood.com
2	rtb-csync.smartadserver.com	28bysamwood.com
2	match.sharethrough.com	28bysamwood.com
2	pixel.rubiconproject.com	28bysamwood.com
2	simage2.pubmatic.com	28bysamwood.com
2	sync.outbrain.com	28bysamwood.com
2	exchange.mediavine.com	28bysamwood.com
2	contextual.media.net	28bysamwood.com
2	cm.g.doubleclick.net	2 redirects
2	a785103026084cf5b58eb82dc405c5b5.events.ubembed.com	assets.ubembed.com
2	builder-assets.unbounce.com	a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
2	sslwidget.criteo.com	dynamic.criteo.com
2	www.facebook.com	28bysamwood.com
2	sp.analytics.yahoo.com	28bysamwood.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	logx.optimizely.com	cdn.optimizely.com
2	s.yimg.com	28bysamwood.com s.yimg.com
2	munchkin.marketo.net	28bysamwood.com munchkin.marketo.net
2	connect.facebook.net	28bysamwood.com connect.facebook.net
2	s.pinimg.com	www.googletagmanager.com s.pinimg.com
2	www.googletagmanager.com	28bysamwood.com www.googletagmanager.com
2	dev.visualwebsiteoptimizer.com	28bysamwood.com
2	assets.pinterest.com	28bysamwood.com assets.pinterest.com
1	d9hhrg4mnvzow.cloudfront.net	a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
1	in.hotjar.com	script.hotjar.com
1	fycdai.28bysamwood.com	connect.facebook.net
1	pixel.quantserve.com	28bysamwood.com
1	adservice.google.com.au	1 redirects
1	a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com	assets.ubembed.com
1	log.pinterest.com	28bysamwood.com
1	678-qxr-802.mktoresp.com	munchkin.marketo.net
1	adservice.google.com	11063240.fls.doubleclick.net
1	rules.quantcount.com	secure.quantserve.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	analytics.google.com	www.googletagmanager.com
1	assets.ubembed.com	a785103026084cf5b58eb82dc405c5b5.js.ubembed.com
1	public.profitwell.com	28bysamwood.com
1	q.quora.com	28bysamwood.com
1	dynamic.criteo.com	www.googletagmanager.com
1	secure.quantserve.com	28bysamwood.com
1	a785103026084cf5b58eb82dc405c5b5.js.ubembed.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	a20393310398.cdn.optimizely.com	cdn.optimizely.com
1	cdnjs.cloudflare.com	28bysamwood.com
1	app-sn04.marketo.com	28bysamwood.com
1	cdn.optimizely.com	28bysamwood.com
190	79

This site contains links to these domains. Also see Links.

Domain
app.28bysamwood.com
shop.28bysamwood.com
recipes.28bysamwood.com
frcasinoonlineca.com
onlinecasino-nl.com
online-casino.ph
excelsiorcasino.com
casinoonline-365.com
vimeo.com
nz-casinoonline.com
spielautomatcasinos.de
aucasinoslist.com
casinosnobrasil.com.br
casinoonlineca.ca

Subject Issuer	Validity	Valid
*.28bysamwood.com Amazon	`2022-04-22` - `2023-05-21`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.s3-ap-southeast-2.amazonaws.com Amazon	`2021-12-15` - `2022-12-14`	a year	crt.sh
app-sn04.marketo.com Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-05` - `2022-11-03`	3 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2022-02-06` - `2023-02-07`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.tiktok.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-13` - `2023-01-13`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-10-17` - `2022-12-07`	2 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-27` - `2022-11-22`	3 months	crt.sh
*.quora.com R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
logx.optimizely.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
*.profitwell.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.mktoresp.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-05` - `2023-11-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.pages.ubembed.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-28` - `2023-03-31`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-09` - `2023-02-01`	6 months	crt.sh
fycdai.28bysamwood.com R3	`2022-10-01` - `2022-12-30`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.events.ubembed.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2022-02-20` - `2023-02-22`	a year	crt.sh
exchange.mediavine.com Amazon	`2022-07-06` - `2023-08-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2021-10-24` - `2022-11-24`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.sharethrough.com Amazon	`2022-10-24` - `2023-11-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
teads.tv R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-09-27` - `2023-03-22`	6 months	crt.sh
*.socdm.com GlobalSign RSA OV SSL CA 2018	`2022-05-24` - `2023-06-25`	a year	crt.sh
*.dable.io Amazon	`2022-06-26` - `2023-07-25`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
colombiaonline.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.ads.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-01-15` - `2023-01-13`	a year	crt.sh
*.360yield.com Amazon	`2022-10-08` - `2023-11-06`	a year	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://28bysamwood.com/
Frame ID: F7E93387A3C4901C7664C918AA22DC98
Requests: 115 HTTP requests in this frame

Frame: https://a20393310398.cdn.optimizely.com/client_storage/a20393310398.html
Frame ID: AB33B6DDB6270D69B6D2E8ED38CC52C2
Requests: 1 HTTP requests in this frame

Frame: https://11063240.fls.doubleclick.net/activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F
Frame ID: 4E170ABB9BB4F484EF0DE7583B0367A2
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html
Frame ID: A9546720795A46599CD999D07E8E05A5
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F
Frame ID: 89AC605704010817FA51A300F28EA1CC
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=28bysamwood.com&origin=onetag
Frame ID: 551E89BB08FDC72DA08CC9D47E2971A2
Requests: 2 HTTP requests in this frame

Frame: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/h.html?closedAt=0
Frame ID: 7D311749AE28D956A0516EFDB1B0F764
Requests: 10 HTTP requests in this frame

Frame: https://11063240.fls.doubleclick.net/ddm/fls/r/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F
Frame ID: D06FB4C7B52F1030AAB5B3CD1054F378
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 46E62153D404686DECD86B0CA3BDFBCD
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: F8D358510F47EB4C55756437D584DE96
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30
Frame ID: CE880CB44D0F8EA62E09317098061372
Requests: 27 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30
Frame ID: 9E71AC4CD907FA1A0A00A995E89579CE
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

28bysamwood | 28 By Sam Wood

Page URL History Show full URLs

http://28bysamwood.com/ HTTP 301
https://28bysamwood.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Marketo (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js

Marketo Forms (Widgets) Expand

Overall confidence: 100%
Detected patterns

marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Pinterest (Widgets) Expand

Overall confidence: 100%
Detected patterns

//assets\.pinterest\.com/js/pinit\.js

Profitwell (Analytics) Expand

Overall confidence: 100%
Detected patterns

public\.profitwell\.com/js/profitwell\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

190
Requests

89 %
HTTPS

0 %
IPv6

56
Domains

79
Subdomains

70
IPs

9
Countries

8987 kB
Transfer

11863 kB
Size

81
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://app.28bysamwood.com/users/sign_up
Title: Join Now

Search URL Search Domain Scan URL

URL: https://app.28bysamwood.com/users/sign_in
Title: Login

Search URL Search Domain Scan URL

URL: https://shop.28bysamwood.com/
Title: Shop Our Products

Search URL Search Domain Scan URL

URL: https://recipes.28bysamwood.com/
Title: 'I Quit Sugar' Recipes

Search URL Search Domain Scan URL

URL: https://app.28bysamwood.com/users/sign_up
Title: Join Now

Search URL Search Domain Scan URL

URL: https://frcasinoonlineca.com/casino-en-ligne/quatro-casino/
Title: Quatro casino rewards

Search URL Search Domain Scan URL

URL: https://onlinecasino-nl.com/
Title: online casino Nederland

Search URL Search Domain Scan URL

URL: https://online-casino.ph/
Title: online casino philippine

Search URL Search Domain Scan URL

URL: https://excelsiorcasino.com/casino-a-depot-minimum/
Title: casino depot 1$

Search URL Search Domain Scan URL

URL: https://casinoonline-365.com/casinos/1-deposit-casino/
Title: $1 minimum deposit casino canada

Search URL Search Domain Scan URL

URL: https://vimeo.com/522628361

Search URL Search Domain Scan URL

URL: https://nz-casinoonline.com/
Title: https://nz-casinoonline.com/

Search URL Search Domain Scan URL

URL: https://spielautomatcasinos.de/casinos/trustly/
Title: Trustly Casino

Search URL Search Domain Scan URL

URL: https://aucasinoslist.com/
Title: top Australian online casino

Search URL Search Domain Scan URL

URL: https://casinosnobrasil.com.br/
Title: melhor casino online

Search URL Search Domain Scan URL

URL: https://casinoonlineca.ca/
Title: best online casino Canada

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://28bysamwood.com/ HTTP 301
https://28bysamwood.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://11063240.fls.doubleclick.net/activityi;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F HTTP 302
https://11063240.fls.doubleclick.net/activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F

Request Chain 81

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Bw9aY_2LCamh4t4P07GLwAg&sscte=1&crd=&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxyU6lgT0o0adH7d4OF8HzqZnN2zF2-Uwlc&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIVnRqQTlsQXBkbDNKVkV0SXJlMUpiS1JFTVUwazF4WGp1WEo1U3Y5Ulo2TFFISWF1R2hxemph HTTP 302
https://www.google.com/pagead/1p-conversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIVnRqQTlsQXBkbDNKVkV0SXJlMUpiS1JFTVUwazF4WGp1WEo1U3Y5Ulo2TFFISWF1R2hxemph&is_vtc=1&ocp_id=Bw9aY_2LCamh4t4P07GLwAg&cid=CAQSKQDq26N9BfUguSP0D189fQCujManGYJqw6XYkCbk6ri8pMFQyDRaDMf1IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwK77s-eDWy7M7Iqp3RgtLtd4DntYitzKg&random=1306536714&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.au/pagead/1p-conversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIVnRqQTlsQXBkbDNKVkV0SXJlMUpiS1JFTVUwazF4WGp1WEo1U3Y5Ulo2TFFISWF1R2hxemph&is_vtc=1&ocp_id=Bw9aY_2LCamh4t4P07GLwAg&cid=CAQSKQDq26N9BfUguSP0D189fQCujManGYJqw6XYkCbk6ri8pMFQyDRaDMf1IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwK77s-eDWy7M7Iqp3RgtLtd4DntYitzKg&random=1306536714&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 95

https://adservice.google.com.au/ddm/fls/i/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F HTTP 302
https://11063240.fls.doubleclick.net/ddm/fls/r/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F

Request Chain 116

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=CA9aY7X9GdiAz7sPqKCPqAE&sscte=1&crd=&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxyD6B-bfiMCLwdy415Tl5EemVfedzsgEnk&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIV1NOVWlnUFUyM3psN0tJdHB0R0ZkalV3ZVJOOEdjYWtiNUVxcmNzdjJudnJHQTE3bm03dkZG HTTP 302
https://www.google.com/pagead/1p-conversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIV1NOVWlnUFUyM3psN0tJdHB0R0ZkalV3ZVJOOEdjYWtiNUVxcmNzdjJudnJHQTE3bm03dkZG&is_vtc=1&ocp_id=CA9aY7X9GdiAz7sPqKCPqAE&cid=CAQSKQDq26N9Xw2ps2BrbeS122Vfm-RtDm7gzC-uQju13EQUCzLyJYBdiQG-IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwccz70piHQXYD3G7-41G_5rEMGHMSb140&random=1045778714&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.au/pagead/1p-conversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIV1NOVWlnUFUyM3psN0tJdHB0R0ZkalV3ZVJOOEdjYWtiNUVxcmNzdjJudnJHQTE3bm03dkZG&is_vtc=1&ocp_id=CA9aY7X9GdiAz7sPqKCPqAE&cid=CAQSKQDq26N9Xw2ps2BrbeS122Vfm-RtDm7gzC-uQju13EQUCzLyJYBdiQG-IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwccz70piHQXYD3G7-41G_5rEMGHMSb140&random=1045778714&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 120

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11063240.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPKcnf7O__oCFV7pcwEdT8sBCg%3Bsrc%3D11063240%3Btype%3D28swk0%3Bcat%3Dallpa0%3Bord%3D368680892685%3Bgtm%3D2wgaq0%3Bauiddc%3D813243708.1666846470%3B~oref%3Dhttps%253A%252F%252F28bysamwood.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=CA9aY4eCML2Jz7sPn5Cc0Ao&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11063240.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPKcnf7O__oCFV7pcwEdT8sBCg%3Bsrc%3D11063240%3Btype%3D28swk0%3Bcat%3Dallpa0%3Bord%3D368680892685%3Bgtm%3D2wgaq0%3Bauiddc%3D813243708.1666846470%3B~oref%3Dhttps%253A%252F%252F28bysamwood.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CA9aY4eCML2Jz7sPn5Cc0Ao&cid=CAQSKQDq26N9dPFxBjvX5_9oALh-L06PDd1rvA9iXrjDFYi-XSM9q0VhUcW-IBM&random=1326802578&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.au/pagead/1p-conversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11063240.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPKcnf7O__oCFV7pcwEdT8sBCg%3Bsrc%3D11063240%3Btype%3D28swk0%3Bcat%3Dallpa0%3Bord%3D368680892685%3Bgtm%3D2wgaq0%3Bauiddc%3D813243708.1666846470%3B~oref%3Dhttps%253A%252F%252F28bysamwood.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CA9aY4eCML2Jz7sPn5Cc0Ao&cid=CAQSKQDq26N9dPFxBjvX5_9oALh-L06PDd1rvA9iXrjDFYi-XSM9q0VhUcW-IBM&random=1326802578&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 135

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_cm&google_hm=ay1RWDFPY1RRbHpraG84MHBWZjRvYVNvTzM5QVdwNkR3WWZQcF9sZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0

Request Chain 137

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416

Request Chain 138

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA&C=1

Request Chain 139

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag

Request Chain 149

https://eb2.3lift.com/xuid?mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

Request Chain 152

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=AE2m3tNwZWiT9vz4tt_yh1Vu5d0VVVvB

Request Chain 157

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1

Request Chain 162

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_cm&google_hm=ay1RWDFPY1RRbHpraG84MHBWZjRvYVNvTzM5QVdwNkR3WWZQcF9sZw HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0

Request Chain 163

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416

Request Chain 177

https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23 HTTP 302
https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Y1oPC8Co5r0AACUmJiYAAAAA

Request Chain 178

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=b0t34vI6vgBXtdeuOR9uSfk5dEwwVTLf

Request Chain 183

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1

Request Chain 186

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iLFNDWHYg9NkfDEBPhE22n4Jigf-NqeS

Request Chain 187

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N7fBw5yAV_jA2ldEHq3KRc26qO9n3C7K

Request Chain 188

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=9hj2rqEK-1Q_5ZJ0rvA-RCnFQOHcYVPG

Request Chain 189

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40 HTTP 302
https://idsync.rlcdn.com/397596.gif?partner_uid=eHpkTlUUmQ3jSPYh3ML-nb1zrQaT9kjm

190 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
28bysamwood.com/
Redirect Chain

http://28bysamwood.com/
https://28bysamwood.com/

189 KB
41 KB

386ms
191ms

Document
text/html

54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 04f452f70b624f3ffa715912f79896486f5f40214d3a39cefb91d9b337e392c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-length: 41274
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 04:54:27 GMT
server: Apache/2.4.54 (Debian)
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Thu, 27 Oct 2022 04:54:27 GMT
Location: https://28bysamwood.com:443/
Server: awselb/2.0

GET
H2 200 20393310398.js Show response
cdn.optimizely.com/js/ 354 KB
94 KB 767ms
416ms Script
text/javascript 23.54.56.167
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20393310398.js

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.167 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-56-167.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

48e4b0f919882467fca52e96d0b0221982ec9ba5fe14972bf54ca662627dbcaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: fNq7we5cvpg3DAm9LioGjcRmMY30hK4f
content-encoding: gzip
date: Thu, 27 Oct 2022 04:54:28 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: DD7H4JD0E4866AA4
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 2067
x-amz-replication-status: COMPLETED
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="167";dur=0,cdnip;desc="23.54.56.167";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
content-length: 95431
x-amz-id-2: 8SVMe0DWSHW3u1WEnsoJWk0Q5EwLI92AoIbuVTe7bUCvPp7ai2hh9DnSV5y7U7iZSF9JQ6l/2KI=
last-modified: Mon, 10 Oct 2022 22:57:11 GMT
server: AmazonS3
etag: "33d66e02fd60f3cc6eb2f0cf2b3e90e7"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 513ms
175ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Asap+Condensed:400,700|Nothing+You+Could+Do:400|Muli:400,700&display=swap

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

5d90ddd8658c52c065f7895e2b75a2817ab3c83260721afd60620321becdf9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 04:54:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 04:54:28 GMT

GET
H2 200 hqeip.css
28bysamwood.com/wp-content/cache/wpfc-minified/8bkyr0u1/ 130 KB
18 KB 161ms
158ms Stylesheet
text/css 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/8bkyr0u1/hqeip.css
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 2a67c852357dff0984ad4a1c43f4c63f3c523d45107df82b9d7a7bd0666b0fd2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:15 GMT
server: Apache/2.4.54 (Debian)
etag: "209f1-5e874d5437eb0-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 17729
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqeio.css
28bysamwood.com/wp-content/cache/wpfc-minified/lx6y06zq/ 44 KB
10 KB 185ms
182ms Stylesheet
text/css 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/lx6y06zq/hqeio.css
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: fcd9480fa74caf3a135bfff109498e57636c4860dfebcba3e830074451569227

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:15 GMT
server: Apache/2.4.54 (Debian)
etag: "b158-5e874d53e3720-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10081
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 83jry.css
28bysamwood.com/wp-content/cache/wpfc-minified/dj3av30i/ 77 KB
15 KB 162ms
159ms Stylesheet
text/css 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/dj3av30i/83jry.css
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 1dc9ab1e199cd012a9532b2ea6e24de10ee0dbb24fecdd3d71aa588093490e09

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Sat, 22 Oct 2022 14:57:46 GMT
server: Apache/2.4.54 (Debian)
etag: "135ae-5eba0c8010108-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 14574
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqein.css
28bysamwood.com/wp-content/cache/wpfc-minified/144sgwu9/ 65 KB
12 KB 186ms
184ms Stylesheet
text/css 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/144sgwu9/hqein.css
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: a42f1b9d40ae5d9771c1f24b88fd3eebfd86292aa09f31236dc7f62adf6af0bb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:13 GMT
server: Apache/2.4.54 (Debian)
etag: "1027a-5e874d52d8d80-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 11795
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
821 B 513ms
176ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?display=swap&family=Muli%3A700%7CNunito+Sans%3A400%2C400i%2C600%2C700&subset=latin%2Clatin-ext

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

ce23e9bd148c1ef26ea15c555e8f627d34c7a6ebb6ba233cde216d08dd00181e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 04:54:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 04:54:28 GMT

GET
H2 200 hqein.css
28bysamwood.com/wp-content/cache/wpfc-minified/6l3rrfjg/ 322 B
774 B 108ms
105ms Stylesheet
text/css 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/6l3rrfjg/hqein.css
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 90961161a91523f9af789ad89300c8640dceab22bbf60f6b34883aa60c2bc991

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:13 GMT
server: Apache/2.4.54 (Debian)
etag: "142-5e874d52b3008-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 195
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqein.css
28bysamwood.com/wp-content/cache/wpfc-minified/2d9rkhty/ 4 KB
2 KB 185ms
182ms Stylesheet
text/css 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/2d9rkhty/hqein.css
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: fa390cf848cd8c82359e611790570a04ca5a2725eccf6c477300c05392841424

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:13 GMT
server: Apache/2.4.54 (Debian)
etag: "111c-5e874d529c0d8-gzip"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1143
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqeiq.js Show response
28bysamwood.com/wp-content/cache/wpfc-minified/e58cb8kf/ 101 KB
35 KB 185ms
183ms Script
application/javascript 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/e58cb8kf/hqeiq.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: ff6610e2c87ef5151ab80f1b5e7f35cb831a9542e65265fb4151f1b87ab7a228

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:16 GMT
server: Apache/2.4.54 (Debian)
etag: "19404-5e874d553c2c0-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 35031
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H/1.1 200
OK logo.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2019/07/11022704/ 8 KB
9 KB 329ms
128ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/2019/07/11022704/logo.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 10a05727b16573233d1327ba5f631c16778ffd1160e64916ddb098a74ded6e6a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Thu, 06 May 2021 09:53:43 GMT
Server: AmazonS3
x-amz-request-id: DQQ2MQ72PABC1PMM
ETag: "379c38ecdd3d332e2fbfd0b182807c50"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8634
x-amz-id-2: n41odpVLDSIokv0X1c53hwzkC3reUhZCWve66mWYwdAzr2/yExiATOPLUPKRsma86bDdEmSKSQ0=

GET
H/1.1 200
OK arrow.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145621/ 445 B
834 B 372ms
123ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145621/arrow.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: aa770fc92864b9ac1b2a942a25c4a464d14b00d4d81c6f7811ef3464bf3ad768

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Fri, 01 Jul 2022 04:56:22 GMT
Server: AmazonS3
x-amz-request-id: DQQ8EW4JQQCPANRY
ETag: "c9aa0bcc38a9eb491fd0f5b18c197620"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 445
x-amz-id-2: UgjrfkqdhF7dIifnRs/IEQBSbVFOtiGq5m2nFDvZvnIGTSLBprnb9IZ/xJQ3Xi800cs0DSy+ZLY=

GET
H2 200 blank.gif
28bysamwood.com/wp-content/plugins/wp-fastest-cache-premium/pro/images/ 43 B
585 B 100ms
99ms Image
image/gif 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://28bysamwood.com/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
last-modified: Wed, 23 Oct 2019 14:14:35 GMT
server: Apache/2.4.54 (Debian)
etag: "2b-59594895068c0"
content-type: image/gif
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 43
expires: Fri, 24 Feb 2023 04:54:29 GMT

GET
H2 200 hqeis.js Show response
28bysamwood.com/wp-content/cache/wpfc-minified/77gxmubq/ 42 KB
11 KB 111ms
111ms Script
application/javascript 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/77gxmubq/hqeis.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 6a3b1e55f4adef7052bbfc4fe414992c6302ef6e43f968f465c292f25474a030

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:18 GMT
server: Apache/2.4.54 (Debian)
etag: "a9e4-5e874d571c658-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 10556
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqeir.js Show response
28bysamwood.com/wp-content/cache/wpfc-minified/9htqinc0/ 21 KB
7 KB 111ms
111ms Script
application/javascript 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/9htqinc0/hqeir.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: da7bc3776c9c4a8ef782cc272131e1652d72557ac973324bcf7ea6978f8026f0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:17 GMT
server: Apache/2.4.54 (Debian)
etag: "527c-5e874d56a2920-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 6911
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqeir.js Show response
28bysamwood.com/wp-content/cache/wpfc-minified/mbtwj5rl/ 24 KB
8 KB 110ms
110ms Script
application/javascript 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/mbtwj5rl/hqeir.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: b48801b3eeb9b35990c2eefd284b8d06bf94439f406d020a4979a08964658821

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:17 GMT
server: Apache/2.4.54 (Debian)
etag: "6146-5e874d55f3c40-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 7916
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 hqeiq.js Show response
28bysamwood.com/wp-content/cache/wpfc-minified/7ugmx6v3/ 3 KB
2 KB 107ms
107ms Script
application/javascript 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/7ugmx6v3/hqeiq.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: b0a1d0797e0ed0caec8d998276910599229ff015e6c99e2fe6b2c3ebc6ca8db5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:28 GMT
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 06:16:16 GMT
server: Apache/2.4.54 (Debian)
etag: "a30-5e874d5563b90-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 1142
expires: Fri, 24 Feb 2023 04:54:28 GMT

GET
H2 200 forms2.min.js Show response
app-sn04.marketo.com/js/forms2/js/ 208 KB
69 KB 1127ms
104ms Script
application/x-javascript 104.16.93.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-sn04.marketo.com/js/forms2/js/forms2.min.js

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.93.80 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849

Security Headers

Name	Value
Strict-Transport-Security	max-age=63113904
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63113904
last-modified: Tue, 04 Oct 2022 18:03:49 GMT
server: cloudflare
cf-cache-status: HIT
age: 6494
etag: "b41065-33e51-5ea394834ab40"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 7608d585be2117c8-MEL
expires: Thu, 27 Oct 2022 08:54:30 GMT

GET
H2 200 pinit.js Show response
assets.pinterest.com/js/ 361 B
448 B 733ms
169ms Script
application/javascript 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-56-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "62d32c28f14783b94192cd8d35bc010d"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=231
accept-ranges: bytes
content-length: 203

GET
H2 200 lodash.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lodash.js/0.10.0/ 18 KB
7 KB 277ms
102ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lodash.js/0.10.0/lodash.min.js

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958c2ecbdd6c6708cf566ceb9b10ffd133ceef822ce81ef460db8ca29e44bcb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 3653673
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6419
last-modified: Mon, 04 May 2020 16:12:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed2-464d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7608d5819a895ac4-MEL
expires: Tue, 17 Oct 2023 04:54:29 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 3 KB
1 KB 274ms
101ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=553689&u=https%3A%2F%2F28bysamwood.com%2F&f=1&r=0.0116759248627607
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gsyd1 /
Resource Hash: 95fbd05db13d6614d6e7fd6150f8caeef71641bf5f082f4cc200dcf6934a6f0a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
content-encoding: gzip
via: 1.1 google
server: gsyd1
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=0, no-cache, must-revalidate
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 317 KB
100 KB 529ms
191ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

3cf0dc9a3cf6622fa7493363d1e03f419d5311d386915900e461ac233ce48b28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101870
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 04:54:29 GMT

GET
H2 200 icomoon.ttf
28bysamwood.com/wp-content/themes/atomic-blocks-child/fonts/ 15 KB
9 KB 100ms
99ms Font
x-font/ttf 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/themes/atomic-blocks-child/fonts/icomoon.ttf?w53glo1
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/wp-content/cache/wpfc-minified/144sgwu9/hqein.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: f2fe8afbf06c3f9f3da7f323b7f43fddfd76cf6dc76ca6ce304562f4dace6188

Request headers

Referer: https://28bysamwood.com/wp-content/cache/wpfc-minified/144sgwu9/hqein.css
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
content-encoding: gzip
last-modified: Tue, 06 Sep 2022 13:59:54 GMT
server: Apache/2.4.54 (Debian)
etag: "3b50-5e8029c55ca80-gzip"
vary: Accept-Encoding
content-type: x-font/ttf
cache-control: max-age=0
accept-ranges: bytes
content-length: 8276
expires: Thu, 27 Oct 2022 04:54:29 GMT

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ 30 KB
31 KB 506ms
170ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap+Condensed:400,700|Nothing+You+Could+Do:400|Muli:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 06:48:01 GMT
x-content-type-options: nosniff
age: 252388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 06:48:01 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFkpl0k30eg.woff2
fonts.gstatic.com/s/muli/v28/ 17 KB
17 KB 690ms
355ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Aulp_0qiz-aVz7u3PJLcUMYOFkpl0k30eg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Muli%3A700%7CNunito+Sans%3A400%2C400i%2C600%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

d723600c5797a14fc4ac75c9794e11ed5ad1f48977e6790cca55d73a572aca99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 16:42:01 GMT
x-content-type-options: nosniff
age: 43948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17084
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Oct 2023 16:42:01 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 749ms
420ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc9iB85tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?display=swap&family=Muli%3A700%7CNunito+Sans%3A400%2C400i%2C600%2C700&subset=latin%2Clatin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 12:09:12 GMT
x-content-type-options: nosniff
age: 319517
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17156
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 23 Oct 2023 12:09:12 GMT

GET
H2 200 a20393310398.html Show response
a20393310398.cdn.optimizely.com/client_storage/ Frame AB33 1 KB
1 KB 764ms
412ms Document
text/html 104.69.149.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20393310398.cdn.optimizely.com/client_storage/a20393310398.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20393310398.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.69.149.41 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-69-149-41.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

333b939696e6f76978556a93c83edc2eca63c9068e4947f5a2e180d20b6f24d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 777
content-type: text/html; charset=utf-8
date: Thu, 27 Oct 2022 04:54:29 GMT
etag: "ab0e4f54338871fd6f71db97cbf6c416"
last-modified: Mon, 10 Oct 2022 22:57:04 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="168";dur=0,cdnip;desc="104.69.149.41";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: +RHH0xc6EFEt5igwxt+Bf0pzARrB28d2At3PDo7Crgqw3lL4QXjBagOFWmu+l9qgwMKtKYBqpOs=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: GTQZTWDDYPNVEY8B
x-amz-server-side-encryption: AES256
x-amz-version-id: hG8bsCdQ3A7i5sayLCalrRYKx8z8wY3c

GET
H/1.1 200
OK green-check.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142215/ 298 B
687 B 269ms
124ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142215/green-check.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9c388e5802ba3466b6ceac518fcf9d7bbd8afd8f61270aa5b5ef3dce8c9e1b6f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Fri, 01 Jul 2022 04:22:16 GMT
Server: AmazonS3
x-amz-request-id: DQQ72JQF2NRJQAF6
ETag: "69f499a7085e38c1038653e4e938499b"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 298
x-amz-id-2: mN8IsHSejjDwdGZ21xnxjckwJpty7bhaJVof8Gsfns/i+db0rA7DBNkYyiBYjucHVm1vOKU0frc=

GET
H/1.1 200
OK line.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220607115803/ 199 B
588 B 111ms
110ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220607115803/line.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 864123191e727b71f339147101763d9f13965ca4e5b2aaa02b1aa640c3a76347

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Tue, 07 Jun 2022 01:58:04 GMT
Server: AmazonS3
x-amz-request-id: DQQ6YPM1ZA3M08SB
ETag: "3cc54a79588a4b9500ec477a33dce7b7"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 199
x-amz-id-2: TunpUFiIy8rrBm0Jt4Jk/O52U+IoI4z/TT26reQrI/qGUaFZpRExek+tbSrY9gzZxbkzgaxEAug=

GET
H2 200 Averta_Bold.otf
28bysamwood.com/wp-content/themes/atomic-blocks-child/fonts/ 140 KB
141 KB 100ms
99ms Font
application/x-font-opentype 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/themes/atomic-blocks-child/fonts/Averta_Bold.otf
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 670bf1d096414a8674aeab9b7515e710d0608196c04866d617d2788569ab1987

Request headers

Referer: https://28bysamwood.com/
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
last-modified: Tue, 06 Sep 2022 13:59:54 GMT
server: Apache/2.4.54 (Debian)
etag: "23190-5e8029c55ca80"
content-type: application/x-font-opentype
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 143760
expires: Fri, 24 Feb 2023 04:54:29 GMT

GET
H2 200 averta.otf
28bysamwood.com/wp-content/themes/atomic-blocks-child/fonts/ 139 KB
140 KB 100ms
100ms Font
application/x-font-opentype 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://28bysamwood.com/wp-content/themes/atomic-blocks-child/fonts/averta.otf
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: f0012ac60deb9e2040351432947d290bab331c4bc51b72e3c2ea2a1b0bd46c24

Request headers

Referer: https://28bysamwood.com/
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
last-modified: Tue, 06 Sep 2022 13:59:54 GMT
server: Apache/2.4.54 (Debian)
etag: "22db4-5e8029c55ca80"
content-type: application/x-font-opentype
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 142772
expires: Fri, 24 Feb 2023 04:54:29 GMT

GET
H2 200 pxieypY1o9NHyXh3WvSbGSggdO83TVlDims.woff2
fonts.gstatic.com/s/asapcondensed/v15/ 21 KB
21 KB 779ms
472ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/asapcondensed/v15/pxieypY1o9NHyXh3WvSbGSggdO83TVlDims.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Asap+Condensed:400,700|Nothing+You+Could+Do:400|Muli:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

7d31a3d963efe5f9b18fca67bd745b31dff70f52d5d498d62030d8881c4d9f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://28bysamwood.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sat, 22 Oct 2022 20:41:33 GMT
x-content-type-options: nosniff
age: 375176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Oct 2023 20:41:33 GMT

GET
H/1.1 200
OK 409e7374beb4472aafb2d5634d9dc162.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701141718/ 73 KB
74 KB 112ms
111ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701141718/409e7374beb4472aafb2d5634d9dc162.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: e85691933909d8e4619f847efb3cd19ff95e44b7c0641d369594a9424339fff8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Fri, 01 Jul 2022 04:17:19 GMT
Server: AmazonS3
x-amz-request-id: DQQBEDJJ3KKGDYAN
ETag: "14a5b6e2ce9597b8393fc8c11356f581"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 75060
x-amz-id-2: ZhHBAxo5GbNYyRgzlJuaIIGefaciyyxulGg6fSjjbpy2d7UczIBPCGaNpcBScUM+/llWR4tztVw=

GET
H/1.1 200
OK Vector-6.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145848/ 423 B
812 B 110ms
109ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145848/Vector-6.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a950feee7c2b3e679beccd2c26da47ac486ffbeea6fa8183dd8eb9f0ef364694

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Fri, 01 Jul 2022 04:58:49 GMT
Server: AmazonS3
x-amz-request-id: DQQ79GGX15MVRBT6
ETag: "078f3a65fbea957fb1bf3d375a4a8eee"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 423
x-amz-id-2: icgsYdowpDzIGKkM0Ezg+LxhsWCYre7NXFakDRT6pg1DBe0sx1ExnV1t9UYbrESWycILlf9BDQ8=

GET
H/1.1 200
OK i1.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142856/ 3 KB
3 KB 220ms
108ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142856/i1.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d01e11446aed060cd739f1803fe38f28445188ccc10e084544c1e5bfce8b830c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Fri, 01 Jul 2022 04:28:57 GMT
Server: AmazonS3
x-amz-request-id: DQQFM5S0RA4F54SV
ETag: "a786fb1af24c606a06a5ceec64bf437e"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2965
x-amz-id-2: iSiHWyQqQJNB1nOg2uWrccuJiMfdgfpvt7CyCY7j0Nvbk2nm1rKVGeERXcdlyD0W/vEogH6FEc8=

GET
H/1.1 200
OK i3.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142858/ 2 KB
3 KB 224ms
112ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142858/i3.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 984e8706c17b5c92aa5be8964edd1866207ee498d886ce350d3127d90b33f519

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Last-Modified: Fri, 01 Jul 2022 04:28:59 GMT
Server: AmazonS3
x-amz-request-id: DQQD0NSNR7Q4QPQK
ETag: "e2772e2081b1d043a56887d10d3c958d"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2509
x-amz-id-2: stEN3xCrnlYixJSj1x1C0kHs26tppcfPw3EC2ay+PydEfE8lnLhNJjBcWeu0XWEqpgt/Fz6E6zU=

GET
H/1.1 200
OK Vector-5.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145818/ 303 B
692 B 332ms
138ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145818/Vector-5.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: ec61d172e16d5d1eb01666478b1b9b6525884445f2df2231331727719a82bf69

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Fri, 01 Jul 2022 04:58:19 GMT
Server: AmazonS3
x-amz-request-id: 7M5KFE99HTWMBG8B
ETag: "ca1318e081cb20587a3156b26bc87b29"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 303
x-amz-id-2: BZkAWsaWQhidXBHNdzGqB0hZL9IVdmN6CTXTTOVjVRZePGV0sqC15wFE0P11C6mbbpTr0Rk466I=

GET
H/1.1 200
OK 9934f05e243f41e7b996dbb9d20e7d8b.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701141722/ 215 KB
216 KB 204ms
121ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701141722/9934f05e243f41e7b996dbb9d20e7d8b.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 99b78300b9732190b7cfadbd0eb2955c99397bb0490019eca5f1aba9f44d4cde

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Fri, 01 Jul 2022 04:17:23 GMT
Server: AmazonS3
x-amz-request-id: 7M5PHFD7F11NW7DH
ETag: "b800784fb7278636b11ad776c2fa4424"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 220537
x-amz-id-2: Q8zVhEyRUng2ExFy5hacQB8WaQhmn3YvJnlJjQlXo5ZLcXAS6dF+PWYXfdQNPH2kk+7YqNdOTU0=

GET
H/1.1 200
OK i2.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142856/ 2 KB
3 KB 204ms
122ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701142856/i2.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9444bda0413f2e454776b9620dbd7e69efecab5803e30633f12a5a89fcb6506c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Fri, 01 Jul 2022 04:28:58 GMT
Server: AmazonS3
x-amz-request-id: 7M5XTN9Q1WJSVZ4Q
ETag: "a7b1872da25284e3626093075f3b5b5c"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 2545
x-amz-id-2: AFRyZp/CvTIZblQR3zj8H93X3Wm+YCrQDynBn2aGAYfdozRohp9P6llpRLsBfobnROmmMEQxbVs=

GET
H/1.1 200
OK Sam-xx-e1565156237161-300x98.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20190807153308/ 2 KB
3 KB 113ms
112ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20190807153308/Sam-xx-e1565156237161-300x98.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d09670b9b3493f97c909ebefda52b9bf5f765195c9d97e5c2901551e6959a7fe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Thu, 06 May 2021 09:53:50 GMT
Server: AmazonS3
x-amz-request-id: 7M5M1XB37CPHV99X
ETag: "01e655f227c0fb0d8bd5b2066b3ba030"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2558
x-amz-id-2: TSUOeoB2eLICTpm0XyDAj5H16JnS82hCmWbF5lf5HsH9+vLGUvujXq+JD2E6FLStB4eD6scoBgY=

GET
H/1.1 200
OK android-icon-1.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145905/ 358 B
747 B 112ms
112ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701145905/android-icon-1.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 47e31c44f306a30ecdd2165c3505f2ad57ce850909cbf5d1b3f856a303a8f06a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Fri, 01 Jul 2022 04:59:06 GMT
Server: AmazonS3
x-amz-request-id: 7M5M0RB2D9K69VMF
ETag: "70fcc5dfe6e0af6aa0b5b0c4c2b0ed3a"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 358
x-amz-id-2: FeAUk7hhjtU/JIIJ/J4ha2BImgSoRjhwR5b+hgQL68kZZPIw0LBzsF6g6Aar4glYbaFt4IfZD54=

GET
H/1.1 200
OK watermark-horizontal-white%402x.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20190805152539/ 4 KB
4 KB 113ms
112ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20190805152539/watermark-horizontal-white%402x.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 52215a01cc5a1f9d121e997bde9a5f2448af99b0df2e06c2565ae2400f705096

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Thu, 06 May 2021 09:53:49 GMT
Server: AmazonS3
x-amz-request-id: 7M5SRFJNAZEH53NP
ETag: "f4e13b84de411c6157b7173704a1ae64"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4039
x-amz-id-2: KJp2cE6Q8iFb51tPOHxVvMAgafmml8o1N9jDnIi4IfjJY13kdlbnzPoyt4O44c80WqYe+D9nIL4=

GET
H2 200 submit-spin.svg
28bysamwood.com/wp-content/plugins/wpforms-lite/assets/images/ 509 B
921 B 100ms
99ms Image
image/svg+xml 54.253.82.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://28bysamwood.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.253.82.12 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-253-82-12.ap-southeast-2.compute.amazonaws.com
Software: Apache/2.4.54 (Debian) /
Resource Hash: 7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:29 GMT
content-encoding: gzip
last-modified: Thu, 05 Mar 2020 13:44:24 GMT
server: Apache/2.4.54 (Debian)
etag: "1fd-5a01bbc1afe00-gzip"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=10368000
accept-ranges: bytes
content-length: 341
expires: Fri, 24 Feb 2023 04:54:29 GMT

GET
H/1.1 200
OK 898350e794274927a774559dc443a1f6.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701141728/ 3 MB
3 MB 116ms
116ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701141728/898350e794274927a774559dc443a1f6.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a907fccac484409195f03430efa11d403edace3885b8d6a4f23d941ad2fc6fc4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Last-Modified: Fri, 01 Jul 2022 04:17:29 GMT
Server: AmazonS3
x-amz-request-id: 7M5QAZA2E4AN4WT0
ETag: "957eab3dc023405296537cd9276712b2"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3019074
x-amz-id-2: fFioCJw8y1WoUN7ED4sLDbTiSaFb00FATYktyZJpCDjWKzB24rzW8WMf/JJUqndWYujU+uJ+t+g=

GET
H2 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
214 B 297ms
296ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=553689&d=28bysamwood.com&u=D2F03E546885A5977837F4DB0DCCA0579&h=2fbc8cbc8748f42d4163c8881efc3527&t=false&r=0.45891690198817714

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:29 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
43 KB 564ms
227ms Script
application/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WNPNB3M

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

Google Tag Manager /

Resource Hash

2273760913a4de5e56eafa4c1b2d664ff2ee1ff1304fa11819a8db415db8180f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43897
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 04:54:30 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 523ms
176ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

bb14c226d4517c67148f8c5f2680ee3081e5fa0932e9e93092c09ae60fe54606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15179
x-xss-protection: 0
server: cafe
etag: 15210647593759987154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 04:54:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 498ms
169ms Script
text/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 27 Oct 2022 03:42:24 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4326
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 27 Oct 2022 05:42:24 GMT

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 414ms
414ms Script
application/javascript 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-56-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3acbf9d2b777d47014e3208e7beaed9bc0da83728cffd4e06b8d087c4c611612

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "46a54e7dea857f7cac1a60a72df9d7a1"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 hotjar-463408.js Show response
static.hotjar.com/c/ 6 KB
3 KB 709ms
352ms Script
application/javascript 18.155.68.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-463408.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.61 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-61.sin52.r.cloudfront.net

Software

Resource Hash

f3ada64c3c0a93c06d82254e06750067bf2883fc7a9399b333c19284b11729d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 76976a7cabf47f716d4b531bdb04c906.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
etag: W/fc3447538692da9ac8d54b68a553a739
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: LKzmrEjAXp6q9j-IHH3fwgDLB7dczBUf2MgWMNpj5qBOrKRkxDaf-w==

GET
H2

200

activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F Show response
11063240.fls.doubleclick.net/ Frame 4E17
Redirect Chain

https://11063240.fls.doubleclick.net/activityi;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F?
https://11063240.fls.doubleclick.net/activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28by...

479 B
559 B

475ms
174ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11063240.fls.doubleclick.net/activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

7daf9da16fec35a0606ed67e89ea6c89785e4a3cd0560132cf73786b0a6d70ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://11063240.fls.doubleclick.net/activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 102 KB
27 KB 523ms
171ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Oct 2022 04:54:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27076
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: L2KwrgVeBDgAsf0Ht8PcayHipNfLhVAWywgHP3mm/n8coHvaTbpxRmMAORvRIX1c0/AURXK7omRbD9c96DSbzg==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
a785103026084cf5b58eb82dc405c5b5.js.ubembed.com/ 36 KB
9 KB 269ms
85ms Script
application/json 151.101.193.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://a785103026084cf5b58eb82dc405c5b5.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.193.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e3b8368f0c4f5c30421b4ed571b68e49594b0bba449534de2ffe89e7e84e311

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: br
x-backend-region: ap_southeast_1
x-amz-cf-pop: MEL50-C1
age: 1644
etag: W/5624ed4818a1e058c39dfa6dc4a03960-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: apZIEE_aSQ0FlXA=

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
2 KB 532ms
168ms Script
application/x-javascript 23.9.178.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.178.224 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-178-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:30 GMT
Content-Encoding: gzip
Last-Modified: Fri, 09 Sep 2022 01:18:39 GMT
Server: AkamaiNetStorage
ETag: "92b41a298690c047b0c4602dd843cba4:1662686319.691662"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 728

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 676ms
468ms Script
application/javascript 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 27 Oct 2022 04:54:30 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 76A374528B3F4211AFF87517F99B046A Ref B: MEL01EDGE1013 Ref C: 2022-10-27T04:54:30Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11367

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 525ms
174ms Script
application/javascript 103.229.10.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 530ada81665d4f8f68e14afba4d6ae64128d80240dda6ddc8919b31d65a69702

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: gzip
etag: "bLcVTDhl2t9kvw7/36cOxA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 03 Nov 2022 04:54:30 GMT

GET
H2 200 sdk.js Show response
analytics.tiktok.com/i18n/pixel/ 125 KB
38 KB 1125ms
416ms Script
application/javascript 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e96a49139f15097f8de35a000a984898b8afb4b69e2e892d803247b3483060dd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: 1c18ba01.7a5d8b99
date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 224,104.88.70.191
server-timing: cdn-cache; desc=MISS, edge; dur=216, origin; dur=8, inner; dur=3
pragma: no-cache
server: nginx
x-tt-logid: 20221027045431841C57C59C5F216A3B01
x-cache-remote: TCP_MISS from a23-220-107-82.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.107.82
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711e79507fc9ef99a17ea81097e955c7f1386b9a84761a623ef042b3fc1170adc09285d1968d7941a66fadc5edfbf0cc92ea4cf9f12e8ba48c7b5952d21cf97fe17e8f37a288f2b88271aa39df85e337acf
expires: Thu, 27 Oct 2022 04:54:31 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 513ms
170ms Script
application/javascript 119.161.10.11
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.11 Singapore, Singapore, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

e1.ycpi.vip.sgb.yahoo.com

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:15:53 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
x-amz-request-id: YJBD71TAT537J691
age: 2320
x-amz-server-side-encryption: AES256
x-amz-id-2: EFeT+2Q/sGOA8a4kFjgXX0m0dJOk+4Cv4CqNnQUyjuW2nbH6xDhc/lA9lJbNBp0PCdkq+xNjrvs=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 124 KB
38 KB 958ms
389ms Script
application/javascript 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C54HP9BG5HFBPDLNHNO0&lib=ttq
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6a32184eb2b67b3e70a10339b38a1de6296e3cb34588f048e429a43789ae6bc4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: 6f875939.7a5d8b9a
date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 217,104.88.70.191
server-timing: cdn-cache; desc=MISS, edge; dur=210, origin; dur=7, inner; dur=2
pragma: no-cache
server: nginx
x-tt-logid: 2022102704543177544EB1F5C32FB2909F
x-cache-remote: TCP_MISS from a23-220-107-79.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.220.107.79
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711e79507fc9ef99a17ea81097e955c7f138be66917208b076618e76fd91b6ab5146866fc6fd9a185f0fa2aec2f6cff0bd82271612a704ba7941ffc722363aae8902926a7dbc18d03a68e10374d739703f4
expires: Thu, 27 Oct 2022 04:54:31 GMT

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 42 KB
15 KB 678ms
337ms Script
application/javascript 182.161.73.133
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=92184

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.133 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

1649ba1cf65532c191a320fe09aac11b1c83bef1f28c240ebb226975165efb57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 211 KB
74 KB 473ms
172ms Script
application/javascript 142.250.4.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-R44YSHGLZN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

fc346c8c4ce194b8376a805389b642c59913256dfedaaed3ae56f0a6299f86f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75770
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 27 Oct 2022 04:54:30 GMT

GET
H/1.1 200
OK pixel
q.quora.com/_/ad/163bae54dee54b2db46e15b5fc75b42e/ 43 B
423 B 1186ms
295ms Image
image/gif 3.234.95.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://q.quora.com/_/ad/163bae54dee54b2db46e15b5fc75b42e/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2F28bysamwood.com%2F

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.234.95.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-234-95-123.compute-1.amazonaws.com

Software

nginx /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Server: nginx
Connection: keep-alive
Content-Length: 43
X-Q-Stat: ,280156328ff60bb1b30a572903ff8774,10.0.0.248,59468,103.209.254.130,,72454025669,1,1666846471.915,0.001,,.,0,0,0.000,0.000,-,0,0,197,102,51,10,34729,,,,,,-,
Content-Type: image/gif

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 1170ms
291ms XHR
text/plain 54.87.231.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20393310398.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.231.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-231-226.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://28bysamwood.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 46d051e6-537b-4a57-805f-2d6500d1a8b2

GET
H2 200 profitwell.js Show response
public.profitwell.com/js/ 35 KB
9 KB 1343ms
469ms Script
application/x-javascript 99.86.159.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.profitwell.com/js/profitwell.js?auth=3970939e6172c297b4834470aca96ef5
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.159.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-159-12.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-amz-version-id: Wa8rEL0sgfJJ468C6RWZ8GSg57cuV9EE
content-encoding: gzip
via: 1.1 bc4e4c44abae4a5bb17b234953976b88.cloudfront.net (CloudFront)
date: Thu, 27 Oct 2022 04:54:31 GMT
last-modified: Tue, 28 Jun 2022 18:43:42 GMT
server: AmazonS3
x-amz-cf-pop: MXP64-C2
age: 3366
etag: W/"f3710cf44008e9509cf9d74fde8cff1f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: public,max-age=86400
x-amz-cf-id: NUWtcaxaHS9umQ_1uoPDvn1IAOyiqsNbwa7HIt3mcARn5PTrTsXyig==

GET
H2 200 pinit_main.js Show response
assets.pinterest.com/js/ 66 KB
19 KB 168ms
168ms Script
application/javascript 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.pinterest.com/js/pinit_main.js?0.8124218475269085
Requested by: Host: assets.pinterest.com
URL: https://assets.pinterest.com/js/pinit.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-56-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl: 300
content-encoding: br
x-cdn: akamai
etag: "3725764cf05d1a0938de73d398772331"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=225
accept-ranges: bytes
content-length: 18679

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 543ms
194ms Script
application/javascript 13.33.33.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: a785103026084cf5b58eb82dc405c5b5.js.ubembed.com
URL: https://a785103026084cf5b58eb82dc405c5b5.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-116.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 23:16:49 GMT
content-encoding: gzip
via: 1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 5031463
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: BkromFKE2grUAGTRZjx3ccaObz3N6m7qBsCZBDXrfL00UBsfGGRfmA==

GET
H2 200 main.88d900f0.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 439ms
439ms Script
application/javascript 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.88d900f0.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-54-56-217.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d520596b5a8464b43fe9f4790488cca3d1bbd83bd57bbff0e1f1c8d95fd675b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "f58a4ecdf2a3d1b84035641164fb199f"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20715

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/162/ 11 KB
5 KB 308ms
308ms Script
application/x-javascript 23.9.178.224
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/162/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.9.178.224 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-9-178-224.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:31 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Jul 2022 00:59:12 GMT
Server: AkamaiNetStorage
ETag: "75daf56f6191efe42577301908659c29:1656637152.894482"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Content-Type: application/x-javascript
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4677
Expires: Sat, 04 Feb 2023 04:54:31 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/860138724/ 2 KB
2 KB 517ms
178ms Script
text/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860138724/?random=1666846470754&cv=9&fst=1666846470754&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

91ba319cf3d5d7320492f1b2f32ed0289946007da64111be282b6c2600e27d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1019
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/323390932/ 2 KB
2 KB 481ms
180ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/323390932/?random=1666846470756&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

9b9249a97d202379903114b9eef0381300feb1084cedce44001bc2c43424589b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1406
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
347 B 514ms
170ms Ping
text/plain 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-R44YSHGLZN&gtm=2oeaq0&_p=603489603&_gaz=1&cid=288599252.1666846471&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666846470&sct=1&seg=0&dl=https%3A%2F%2F28bysamwood.com%2F&dt=28bysamwood%20%7C%2028%20By%20Sam%20Wood&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R44YSHGLZN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.12.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f139.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://28bysamwood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 469ms
167ms Ping
text/plain 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-R44YSHGLZN&cid=288599252.1666846471&gtm=2oeaq0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-R44YSHGLZN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://28bysamwood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
501 B 509ms
175ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-R44YSHGLZN&cid=288599252.1666846471&gtm=2oeaq0&aip=1&z=420853335

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1587707828188550 Show response
connect.facebook.net/signals/config/ 483 KB
142 KB 579ms
405ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1587707828188550?v=2.9.88&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

b459a0c500fa20aa8104463f001f73d24e2551a444a390481678989f17c27ff7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 27 Oct 2022 04:54:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: LqdP8KNRJt7yX7doFPNDGjuFJRdIDRcm6u3432vzT4h2Za3MjZo5omSZ7qXAyyQCAxwrtG/5/J4DG32i5eCl8g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.5a17f10e21dd3fd3b841.js Show response
script.hotjar.com/ 254 KB
65 KB 561ms
198ms Script
application/javascript 54.192.150.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-463408.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.150.40 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-192-150-40.sin2.r.cloudfront.net

Software

Resource Hash

6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:38:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 17fb84bf4d70f7e6db47eb138f34fc8a.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-C1
age: 62184
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 66091
last-modified: Wed, 26 Oct 2022 11:37:54 GMT
etag: "f784e2f70f455f7e613fcb9f757607c4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: p3KmMa-tZbxAikcUlKlBbJDvXrhdNXuZpFOmAkDFX5uz7dXPIONYhA==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
180 B 470ms
169ms XHR
text/plain 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=603489603&t=pageview&_s=1&dl=https%3A%2F%2F28bysamwood.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=28bysamwood%20%7C%2028%20By%20Sam%20Wood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDACEABRAAAACAAI~&jid=689353962&gjid=1045255790&cid=288599252.1666846471&tid=UA-70237259-1&_gid=547549078.1666846471&_r=1&gtm=2wgaq0MZ9XDQ&cd16=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F106.0.5249.119%20Safari%2F537.36&z=530628544

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://28bysamwood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-c1417f7b48595d0dbca01c86f95d6dbb.html Show response
vars.hotjar.com/ Frame A954 2 KB
1 KB 572ms
169ms Document
text/html 13.33.88.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-c1417f7b48595d0dbca01c86f95d6dbb.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-463408.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.88.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-124.sin2.r.cloudfront.net

Software

Resource Hash

c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 762144
cache-control: max-age=31536000
content-encoding: br
content-length: 1035
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 18 Oct 2022 09:12:07 GMT
etag: "d2c298a660a1ee92f094a3d504e3e2e6"
last-modified: Tue, 18 Oct 2022 09:11:19 GMT
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
via: 1.1 35a6ccd005bb4de1deff66dab22059c4.cloudfront.net (CloudFront)
x-amz-cf-id: 24iq2mQ1dpwMsQrBPF7eP1MuaHUvI3d6k8wKp04T5EyoYTUM4kQYng==
x-amz-cf-pop: SIN2-P2
x-cache: Hit from cloudfront
x-robots-tag: none

GET
H2 200 rules-p-_J8WBjagYAkWw.js Show response
rules.quantcount.com/ 3 KB
2 KB 514ms
170ms Script
application/javascript 13.33.33.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_J8WBjagYAkWw.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-118.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6833034c22ea122d5e365fc8cb6d2cde5e168ee682798944ce628f9c0a52e87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
via: 1.1 688d077d459126044c73cddb0faa7b3c.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 392
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 14 Oct 2022 00:08:46 GMT
server: AmazonS3
etag: W/"2c3d58a45813aa15a23ff5b3f9b78375"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: sSXihPvxS0EZnQI4FaQ0_JmSdvCo6vPbkcrtyxww862ArdCnrtgXQQ==

GET
H2 204 26079551.js Show response
bat.bing.com/p/action/ 0
117 B 239ms
239ms Script
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26079551.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Oct 2022 04:54:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A1AA2F3B058C4714A8D388CAD0EE6A18 Ref B: MEL01EDGE1013 Ref C: 2022-10-27T04:54:31Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
176 B 320ms
319ms Image
text/plain 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26079551&Ver=2&mid=8b9707b0-5aa1-4371-af80-5e55109e0722&sid=718f53d055b311eda17f5f91db7e3cbb&vid=718f7a4055b311ed8b592384e891ef54&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=28bysamwood%20%7C%2028%20By%20Sam%20Wood&p=https%3A%2F%2F28bysamwood.com%2F&r=&lt=2836&evt=pageLoad&sv=1&rn=377256

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

a-0001.a-msedge.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 27 Oct 2022 04:54:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0C2DA35C7DE34188A1ACAD0CC70E7669 Ref B: MEL01EDGE1013 Ref C: 2022-10-27T04:54:31Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 89AC 482 B
853 B 521ms
178ms Document
text/html 142.250.4.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F

Requested by

Host: 11063240.fls.doubleclick.net
URL: https://11063240.fls.doubleclick.net/activityi;dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f157.1e100.net

Software

cafe /

Resource Hash

ba456b951d9404b7b74379629337df7aba4f03627ebe6c4468f877ab85f9bf31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://11063240.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 384
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:31 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

/
www.google.com.au/pagead/1p-conversion/323390932/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.com.au/pagead/1p-conversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&...

42 B
64 B

234ms
183ms

Image
image/gif

142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIVnRqQTlsQXBkbDNKVkV0SXJlMUpiS1JFTVUwazF4WGp1WEo1U3Y5Ulo2TFFISWF1R2hxemph&is_vtc=1&ocp_id=Bw9aY_2LCamh4t4P07GLwAg&cid=CAQSKQDq26N9BfUguSP0D189fQCujManGYJqw6XYkCbk6ri8pMFQyDRaDMf1IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwK77s-eDWy7M7Iqp3RgtLtd4DntYitzKg&random=1306536714&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/323390932/?random=635496957&cv=9&fst=1666846470756&num=1&value=0&label=Uq-wCPnv54oDENSbmpoB&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIVnRqQTlsQXBkbDNKVkV0SXJlMUpiS1JFTVUwazF4WGp1WEo1U3Y5Ulo2TFFISWF1R2hxemph&is_vtc=1&ocp_id=Bw9aY_2LCamh4t4P07GLwAg&cid=CAQSKQDq26N9BfUguSP0D189fQCujManGYJqw6XYkCbk6ri8pMFQyDRaDMf1IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwK77s-eDWy7M7Iqp3RgtLtd4DntYitzKg&random=1306536714&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK visitWebPage
678-qxr-802.mktoresp.com/webevents/ 2 B
487 B 867ms
99ms Ping
text/plain 103.237.104.82
MARKETO

General

Check archive.org

Show headers Download Go to

Full URL: https://678-qxr-802.mktoresp.com/webevents/visitWebPage?_mchNc=1666846471354&_mchCn=&_mchId=678-QXR-802&_mchTk=_mch-28bysamwood.com-1666846471354-87653&_mchHo=28bysamwood.com&_mchPo=&_mchRu=%2F&_mchPc=https%3A&_mchVr=162&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/162/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.237.104.82 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:32 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: d1b278e6-5209-421f-b1bd-d49877dc6b05

GET
H2 200 10154326.json Show response
s.yimg.com/wi/config/ 46 B
686 B 511ms
168ms XHR
application/octet-stream 119.161.10.11
YAHOO-HK2-AP inte...

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10154326.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

119.161.10.11 Singapore, Singapore, ASN38032 (YAHOO-HK2-AP internet content provider, HK),

Reverse DNS

e1.ycpi.vip.sgb.yahoo.com

Software

ATS /

Resource Hash

53def91a0c5c82575bda2553508d0ef5a5f1baaf8b9aec67c847172c2f545329

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 26 Oct 2022 11:01:51 GMT
x-amz-version-id: Fc8pv0zjvrULNNfRINJwAmn9YpZE65AT
x-content-type-options: nosniff
strict-transport-security: max-age=15552000
x-amz-request-id: 03EMBAX6N3QYB8YH
age: 64362
x-amz-server-side-encryption: AES256
content-length: 46
x-amz-id-2: 1LecV8WQESiYu9uF7vGcTf76MrhRy5mxfkWaYBnH6GnFZyUFbwFrFjSypsqvUPIJvDmT24QQGpo=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 16 Mar 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Feb 2022 04:53:11 GMT
server: ATS
etag: "74d959c1e00c79c762419e16ed0052c0"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 551E 15 KB
6 KB 517ms
173ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=28bysamwood.com&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 447889
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
217 B 168ms
167ms XHR
text/plain 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-70237259-1&cid=288599252.1666846471&jid=689353962&gjid=1045255790&_gid=547549078.1666846471&_u=aCDACEAARAAAACAAI~&z=1857942515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 27 Oct 2022 04:54:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://28bysamwood.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
log.pinterest.com/ 0
334 B 495ms
318ms Image
text/plain 151.101.0.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.pinterest.com/?type=pidget&guid=suPcHQKNKyEz&tv=2021110201&event=init&sub=www&button_count=1&follow_count=0&pin_count=0&button_hover=1&profile_count=0&board_count=0&section_count=0&lang=en&nvl=en-US&via=https%3A%2F%2F28bysamwood.com%2F&viaSrc=canonical
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.0.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 27 Oct 2022 04:54:31 GMT
via: 1.1 varnish
x-cache: MISS
x-envoy-upstream-service-time: 1
x-pinterest-rid: 2542858712224924
content-length: 0
x-served-by: cache-mel11237-MEL
pragma: no-cache
server: envoy
x-timer: S1666846472.696673,VS0,VE233
access-control-max-age: 86400
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
accept-ranges: bytes
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 534 B
858 B 436ms
407ms XHR
application/json 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613498407914&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1666846471479&dep=2%2CPAGE_LOAD

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.88d900f0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-56-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.a5213517.1666846471.59d0759
x-envoy-upstream-service-time: 1
content-length: 377
x-pinterest-rid: 1625313265176599
pin-unauth: dWlkPU1UYzNNRFkxT0dFdFpEa3pNQzAwT0RreUxXSXpPR0V0WTJaaFptWTVZelUyTlRaaA
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://28bysamwood.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 534 B
859 B 420ms
392ms XHR
application/json 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613498407914&cb=1666846471480&dep=5%2CEVENT_TAGS_ABSENT

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.88d900f0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-56-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.a5213517.1666846471.59d075a
x-envoy-upstream-service-time: 0
content-length: 377
x-pinterest-rid: 1165986594799414
pin-unauth: dWlkPU5EQXpNVFV4WXprdE1qUXlNeTAwWkRJd0xXRmxZMll0TWpWak9UYzBNemxrWVRCbQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://28bysamwood.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 394ms
394ms Image
image/gif 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613498407914&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2F28bysamwood.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2288d900f0%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1666846471482

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-56-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:31 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.a5213517.1666846471.59d07c6
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 8361746297783040
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/860138724/ 42 B
108 B 524ms
182ms Image
image/gif 74.125.24.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/860138724/?random=1666846470754&cv=9&fst=1666843200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&async=1&fmt=3&is_vtc=1&random=288508278&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/860138724/ 42 B
154 B 474ms
172ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/860138724/?random=1666846470754&cv=9&fst=1666843200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&async=1&fmt=3&is_vtc=1&random=288508278&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK h.html Show response
a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/ Frame 7D31 16 KB
4 KB 547ms
181ms Document
text/html 54.254.43.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/h.html?closedAt=0
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 54.254.43.115 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-254-43-115.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 3f67044d0ceb901343a38411f1ea5e60ca9caf22d639243013b345322891afba

Request headers

Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 3531
content-type: text/html; charset=utf-8
date: Thu, 27 Oct 2022 04:54:32 GMT
etag: "b8cbf939fbfc406db7927024ef33b4a4"
x-proxy-backend: page-server
x-unbounce-pageid: 4b302ccc-3bac-46e3-8e78-e922c37cbba9

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 280ms
177ms Image
image/gif 74.125.24.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-70237259-1&cid=288599252.1666846471&jid=689353962&_u=aCDACEAARAAAACAAI~&z=612550633

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.103 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f103.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
107 B 475ms
172ms Image
image/gif 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-70237259-1&cid=288599252.1666846471&jid=689353962&_u=aCDACEAARAAAACAAI~&z=612550633

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F Show response
11063240.fls.doubleclick.net/ddm/fls/r/ Frame D06F
Redirect Chain

https://adservice.google.com.au/ddm/fls/i/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwo...
https://11063240.fls.doubleclick.net/ddm/fls/r/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28by...

836 B
513 B

176ms
176ms

Document
text/html

142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11063240.fls.doubleclick.net/ddm/fls/r/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f149.1e100.net

Software

cafe /

Resource Hash

db48908c5b66d01fe1280e583421b633be2f2a203b3c8051b9c77ee2798f4525

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 490
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:32 GMT
expires: Thu, 27 Oct 2022 04:54:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
location: https://11063240.fls.doubleclick.net/ddm/fls/r/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
578 B 402ms
401ms Image
image/gif 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?event=pagevisit&ed=%7B%22np%22%3A%22gtm%22%7D&tid=2613498407914&cb=1666846471904&dep=5%2CEVENT_TAGS_ABSENT&pd=%7B%22np%22%3A%22gtm%22%7D&ad=%7B%22loc%22%3A%22https%3A%2F%2F28bysamwood.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2288d900f0%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-56-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.a5213517.1666846472.59d0b45
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 3
content-length: 35
x-pinterest-rid: 5241727689370216
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 519ms
171ms Image
image/gif 106.10.236.146
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Thu%2C%2027%20Oct%202022%2004%3A54%3A31%20GMT&n=0&b=28bysamwood%20%7C%2028%20By%20Sam%20Wood&.yp=10154326&f=https%3A%2F%2F28bysamwood.com%2F&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.236.146 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

spdc.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Oct 2022 04:54:32 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
245 B 514ms
172ms Image
image/gif 106.10.236.146
YAHOO-SG3 interne...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&b=28bysamwood%20%7C%2028%20By%20Sam%20Wood&.yp=10154326&f=https%3A%2F%2F28bysamwood.com%2F&enc=UTF-8&yv=1.13.0&et=custom&ec=1&tagmgr=gtm

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

106.10.236.146 Singapore, Singapore, ASN56173 (YAHOO-SG3 internet content provider, SG),

Reverse DNS

spdc.pbp.vip.sg3.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Thu, 27 Oct 2022 04:54:32 GMT

GET
H2 200 pixel;r=981137708;labels=_fp.event.Home%20Page%2C_fp.event.Site%20Land%2C_fp.event.Homepage;rf=0;a=p-_J8WBjagYAkWw;url=https%3A%2F%2F28bysamwood.com%2F;uht=2;fpan=1;fpa=P0-464972439-1666846471948;p...
pixel.quantserve.com/ 35 B
371 B 175ms
174ms Image
image/gif 103.229.10.247
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=981137708;labels=_fp.event.Home%20Page%2C_fp.event.Site%20Land%2C_fp.event.Homepage;rf=0;a=p-_J8WBjagYAkWw;url=https%3A%2F%2F28bysamwood.com%2F;uht=2;fpan=1;fpa=P0-464972439-1666846471948;pbc=;ns=0;ce=1;qjs=1;qv=1ce15e3b-20221024154237;cm=;gdpr=0;ref=;d=28bysamwood.com;dst=0;et=1666846471948;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.28bysamwood%20%7C%2028%20By%20Sam%20Wood%2Cdescription.Fond%C3%A9%20en%202008%252C%20Quatro%20Casino%20Canada%20est%20consid%C3%A9r%C3%A9%20comme%20un%20site%20de%20jeux%20en%20ligne%2Curl.https%3A%2F%2F28bysamwood%252Ecom%2F%2Csite_name.28%20By%20Sam%20Wood%2Cimage.https%3A%2F%2F28bysamwood%252Ecom%2Fwp-content%2Fuploads%2Farrow%252Epng;ses=7c8ca0b2-6e09-47de-8998-43563e7b7420

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 551E 444 B
562 B 172ms
171ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=onetag&domain=28bysamwood.com&sn=ChromeSyncframe&so=0&topUrl=28bysamwood.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=28bysamwood.com&origin=onetag

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

29751b3e1dfde6a5e92e42dd00e4cb39a58ffc6b7e4ccf6035d6e9184688e4e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?topUrl=28bysamwood.com&origin=onetag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:31 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1095732
expires: 0

GET
H2 200 identify.js Show response
analytics.tiktok.com/i18n/pixel/ 114 KB
31 KB 670ms
669ms Script
application/javascript 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: gzip
x-akamai-request-id: 7a5d8d04
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20221027045432CFE88B2721E455B35D3B
vary: Accept-Encoding
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 482,104.88.70.191
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711fe554ed95ea81c6667d1e0ffccbef4756af3604956c5e5432ec2a18908e6ba273b01bfe570b676e72ad3d02c0a19ad1a5625fbd181147bf1cab6ce3f6695e7ea
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=482
expires: Thu, 27 Oct 2022 04:54:32 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 879 B
1 KB 407ms
406ms Script
application/javascript 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C54HP9BG5HFBPDLNHNO0&hostname=28bysamwood.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e852af87a6f3055d43b7a10c82f7b85a6ad764fe5d69b49295cae3a621c42b24

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: 7a5d8d13
date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
server-timing: inner; dur=2, cdn-cache; desc=MISS, edge; dur=0, origin; dur=228
content-length: 359
pragma: no-cache
server: nginx
x-tt-logid: 202210270454328C6079625D6D0B69BD87
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 228,104.88.70.191
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711fe554ed95ea81c6667d1e0ffccbef4753c331d96a7c860801f3458ef5b9917d146d6a4b40cc9a7ada0bc04ffc16be8afd1b562346017c7cb3bf63732972817e0
expires: Thu, 27 Oct 2022 04:54:32 GMT

GET
H2 200 config.js Show response
analytics.tiktok.com/i18n/pixel/ 61 KB
20 KB 399ms
399ms Script
application/javascript 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=BTHB9O3Q55EMJL0L3V80&hostname=28bysamwood.com
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7ab3394ac6ef6fe13fcfd92702952123fa67325bc609a1fce59b138a47c257b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-akamai-request-id: e297d657.7a5d8d14
date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 224,104.88.70.191
server-timing: cdn-cache; desc=MISS, edge; dur=216, origin; dur=8, inner; dur=4
pragma: no-cache
server: nginx
x-tt-logid: 202210270454329EDC2CB81D5E906A5F6A
x-cache-remote: TCP_MISS from a23-220-107-73.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.107.73
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711e79507fc9ef99a17ea81097e955c7f13ddeba75a582485bc9d66037835edc5d603024d40baffaa75041ba9c38e4bbc53ab8c890def1492cc54a61d7e5ac87ee4c569918e7cb87bd1996fb7c75d624ad2
expires: Thu, 27 Oct 2022 04:54:32 GMT

POST
H2 200 events Show response
fycdai.28bysamwood.com/ 0
163 B 307ms
96ms XHR
text/plain 3.26.166.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fycdai.28bysamwood.com/events

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/1587707828188550?v=2.9.88&r=stable

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.26.166.39 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-26-166-39.ap-southeast-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://28bysamwood.com
date: Thu, 27 Oct 2022 04:54:32 GMT
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 512ms
169ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1587707828188550&ev=PageView&dl=https%3A%2F%2F28bysamwood.com%2F&rl=&if=false&ts=1666846472058&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666846472055.1196271011&eid=ob3_plugin-set_bb0966698015554571da47afd1dba2e4cd21d1ba365c58388f391b260063a909&it=1666846470936&coo=false&exp=c1&rqm=GET

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 27 Oct 2022 04:54:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 528ms
183ms Script
application/x-javascript 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=92184&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26site_type%3Dd%26z%3Dundefined&p2=e%3Dvpg&p3=e%3Ddis&adce=1&bundle=t_nMJ19hSHpGbXhEYVUyWSUyRlNxeDdOV0N0NzVwWiUyQlNkQ2YlMkY3bEVDZjBnSGFoTjZ2ckdMaHR2OG5SSlU4cGdyMEslMkYxV2dHWVk1THZWTERqNGQlMkJJSHFQUnhOJTJCdVlHcUdnNXBnOUNkRVVIOW1UcnB3ZUxMOUMlMkJjeEo0U2NEc2dnVjQyRFgzME5lbk9pWW9LTlhQaEZpb2ptVHdCQSUzRCUzRA&tld=28bysamwood.com&dy=1&fu=https%253A%252F%252F28bysamwood.com%252F&dtycbr=17290

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

7f43da7b831b413d6eecf2a322183780d0aea27889e1f59a14fe6e4c7d0c054b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 13548626
timing-allow-origin: *
expires: 0

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 7D31 15 KB
3 KB 526ms
175ms Stylesheet
text/css 13.33.88.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
URL: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/h.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-114.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 20:01:25 GMT
content-encoding: gzip
via: 1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
x-amz-version-id: KMvcis7.L0zEYzi_9UIlTjJ2K9lUXHro
last-modified: Wed, 11 May 2022 15:25:12 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 12732788
etag: "8a6914b8829d3f926055f689771fe755"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: tUU_ofDyARZ6RD7u1H7PlGIvh6_hrRtv-6jxZWpwxyAPsCRR7gQyXg==

GET
H2 200 main.bundle-384ff03.z.js Show response
builder-assets.unbounce.com/published-js/ Frame 7D31 103 KB
33 KB 567ms
217ms Script
application/javascript 13.33.88.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by: Host: a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
URL: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/h.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.88.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-114.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 17:18:45 GMT
content-encoding: gzip
via: 1.1 73a569eafe77b39b17f3e8ef76c14c7c.cloudfront.net (CloudFront)
x-amz-version-id: 8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
last-modified: Mon, 04 Jul 2022 16:47:26 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 9891348
etag: "1825a0c47b2e38b6cf30a4072987bce1"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33495
x-amz-cf-id: wqloOkKEE3d52UDVblOp6dfme0pU3ADWOCsACp3wdezs6kUHvg9JYw==

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/463408/ 148 B
322 B 1074ms
359ms XHR
application/json 34.248.5.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/463408/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5a17f10e21dd3fd3b841.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.5.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-5-173.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Thu, 27 Oct 2022 04:54:33 GMT
content-encoding: br
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
360 B 291ms
290ms XHR
text/plain 54.87.231.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20393310398.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.87.231.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-231-226.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 27 Oct 2022 04:54:32 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://28bysamwood.com
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: b9214c29-1016-4753-a32a-bcc4d9831f87

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/860138724/ 2 KB
1 KB 173ms
172ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/860138724/?random=1666846472338&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

d96f45a776e954761a9a82ba55652a98a1c9035dd8655d4542f87e7dbecc9d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1405
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
691 B 408ms
408ms Ping
application/octet-stream 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1c18d7b6.7a5d8e2e
date: Thu, 27 Oct 2022 04:54:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 231,104.88.70.191
server-timing: cdn-cache; desc=MISS, edge; dur=220, origin; dur=17, inner; dur=15
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202210270454328020D160D2A8E46AF884
x-cache-remote: TCP_MISS from a23-220-107-82.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 17,23.220.107.82
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711e79507fc9ef99a17ea81097e955c7f1386b9a84761a623ef042b3fc1170adc09af49d845829abdbf68cc45e29b419d2017944bb3952cbbc022cf14a1318b76b535464e541c80a53eff527d1bffeb1a78
expires: Thu, 27 Oct 2022 04:54:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
549 B 431ms
431ms Ping
application/octet-stream 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
x-akamai-request-id: 7a5d8e39
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20221027045432BC3B8B7AADDF7DB40FF6
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 245,104.88.70.191
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711fe554ed95ea81c6667d1e0ffccbef475d05c81f09759f1cc2e9f3d8ceb1cb2e1aa6f67590e53affa4b67996cb3d2d94bd1732886aa641e5c1d3e780afb756e11
server-timing: inner; dur=15, cdn-cache; desc=MISS, edge; dur=6, origin; dur=245
content-length: 0
expires: Thu, 27 Oct 2022 04:54:32 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
691 B 400ms
399ms Ping
application/octet-stream 104.88.70.195
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BTHB9O3Q55EMJL0L3V80
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.88.70.195 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-88-70-195.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1bae875f.7a5d8e54
date: Thu, 27 Oct 2022 04:54:32 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a104-88-70-191.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
x-parent-response-time: 223,104.88.70.191
server-timing: cdn-cache; desc=MISS, edge; dur=215, origin; dur=14, inner; dur=11
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202210270454323028E666D6241D6C883E
x-cache-remote: TCP_MISS from a23-220-107-72.deploy.akamaitechnologies.com (AkamaiGHost/10.10.0-44537982) (-)
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 14,23.220.107.72
x-tt-trace-host: 01f3257378d465fc4b4694cfa18dcad711e79507fc9ef99a17ea81097e955c7f136520e3b1ff6df3e3aff21f5653912f993a85e8f75da6cfee3fc1a6a0258cf3230f7c55ce7b46ea0d3f391d9e3b0f1b52ea5d5e322321c2380e70f90e452c5d51
expires: Thu, 27 Oct 2022 04:54:32 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ Frame D06F 45 KB
16 KB 173ms
173ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: 11063240.fls.doubleclick.net
URL: https://11063240.fls.doubleclick.net/ddm/fls/r/dc_pre=CPKcnf7O__oCFV7pcwEdT8sBCg;src=11063240;type=28swk0;cat=allpa0;ord=368680892685;gtm=2wgaq0;auiddc=813243708.1666846470;~oref=https%3A%2F%2F28bysamwood.com%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

61d762640603390ff4961df70bfa0e204eae9e3062dfeecc021d5e8ae519a8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://11063240.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16836
x-xss-protection: 0
server: cafe
etag: 17864225919282141180
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 27 Oct 2022 04:54:32 GMT

GET
H3

200

/
www.google.com.au/pagead/1p-conversion/860138724/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&...
https://www.google.com/pagead/1p-conversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.com.au/pagead/1p-conversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&...

42 B
64 B

179ms
179ms

Image
image/gif

142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIV1NOVWlnUFUyM3psN0tJdHB0R0ZkalV3ZVJOOEdjYWtiNUVxcmNzdjJudnJHQTE3bm03dkZG&is_vtc=1&ocp_id=CA9aY7X9GdiAz7sPqKCPqAE&cid=CAQSKQDq26N9Xw2ps2BrbeS122Vfm-RtDm7gzC-uQju13EQUCzLyJYBdiQG-IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwccz70piHQXYD3G7-41G_5rEMGHMSb140&random=1045778714&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/860138724/?random=256713993&cv=9&fst=1666846472338&num=1&value=0&label=WrpkCISmrdMDEOTZkpoD&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgaq0&sendb=1&ig=1&frm=0&url=https%3A%2F%2F28bysamwood.com%2F&tiba=28bysamwood%20%7C%2028%20By%20Sam%20Wood&auid=813243708.1666846470&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOExYam1nWVExTW05dVBxWl81czdFaVVBZU9id2ctRUJnTnp2RUpQSmVqTGFUOFZwazRQWlUyVG9BbTV6WV9ieXA3bWFNQmVCGlhDaEVJOExYam1nWVFrSkd6bE9IRzljVFpBUkl0QURIbUVIV1NOVWlnUFUyM3psN0tJdHB0R0ZkalV3ZVJOOEdjYWtiNUVxcmNzdjJudnJHQTE3bm03dkZG&is_vtc=1&ocp_id=CA9aY7X9GdiAz7sPqKCPqAE&cid=CAQSKQDq26N9Xw2ps2BrbeS122Vfm-RtDm7gzC-uQju13EQUCzLyJYBdiQG-IBM&eitems=ChEI8LXjmgYQ6umSuICz4tXgARIdAEPMrxwccz70piHQXYD3G7-41G_5rEMGHMSb140&random=1045778714&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 46E6 0
18 B 340ms
169ms Document
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://28bysamwood.com
Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://28bysamwood.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 04:54:32 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/340404616/ Frame D06F 2 KB
1 KB 175ms
174ms Script
text/javascript 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/340404616/?random=1666846472697&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11063240.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPKcnf7O__oCFV7pcwEdT8sBCg%3Bsrc%3D11063240%3Btype%3D28swk0%3Bcat%3Dallpa0%3Bord%3D368680892685%3Bgtm%3D2wgaq0%3Bauiddc%3D813243708.1666846470%3B~oref%3Dhttps%253A%252F%252F28bysamwood.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f154.1e100.net

Software

cafe /

Resource Hash

a80df5220e62094935e1773c1a53d58476aaa651a8207fb33112c8df6c01330d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://11063240.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7D31 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3

200

/
www.google.com.au/pagead/1p-conversion/340404616/ Frame D06F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=3756032...
https://www.google.com/pagead/1p-conversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&...
https://www.google.com.au/pagead/1p-conversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=16...

42 B
64 B

182ms
182ms

Image
image/gif

142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11063240.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPKcnf7O__oCFV7pcwEdT8sBCg%3Bsrc%3D11063240%3Btype%3D28swk0%3Bcat%3Dallpa0%3Bord%3D368680892685%3Bgtm%3D2wgaq0%3Bauiddc%3D813243708.1666846470%3B~oref%3Dhttps%253A%252F%252F28bysamwood.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CA9aY4eCML2Jz7sPn5Cc0Ao&cid=CAQSKQDq26N9dPFxBjvX5_9oALh-L06PDd1rvA9iXrjDFYi-XSM9q0VhUcW-IBM&random=1326802578&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Protocol

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://11063240.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:33 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.com.au/pagead/1p-conversion/340404616/?random=1933860571&cv=9&fst=1666846472697&num=1&npa=1&label=B2v7CLrf6dECEIjTqKIB&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F11063240.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCPKcnf7O__oCFV7pcwEdT8sBCg%3Bsrc%3D11063240%3Btype%3D28swk0%3Bcat%3Dallpa0%3Bord%3D368680892685%3Bgtm%3D2wgaq0%3Bauiddc%3D813243708.1666846470%3B~oref%3Dhttps%253A%252F%252F28bysamwood.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=CA9aY4eCML2Jz7sPn5Cc0Ao&cid=CAQSKQDq26N9dPFxBjvX5_9oALh-L06PDd1rvA9iXrjDFYi-XSM9q0VhUcW-IBM&random=1326802578&resp=GooglemKTybQhCsO&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 82446b93-4011-4dd9-bf69-654f3f390d4a
https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/ Frame 7D31 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/82446b93-4011-4dd9-bf69-654f3f390d4a
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ Frame 7D31 7 KB
793 B 472ms
171ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:900,regular,700,900italic,italic,700italic%7COswald:700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

ESF /

Resource Hash

15537de1441703c0a17f2a65b24e9a5f334ba4d8b1fde6a27912ae6f0664260a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 04:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 04:54:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Oct 2022 04:54:33 GMT

GET
H2 200 8df94264-unbounce-3_103802z01s02z016000028.png
d9hhrg4mnvzow.cloudfront.net/a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/ Frame 7D31 5 KB
5 KB 521ms
176ms Image
image/png 13.33.100.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/8df94264-unbounce-3_103802z01s02z016000028.png
Requested by: Host: a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
URL: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/4b302ccc-3bac-46e3-8e78-e922c37cbba9/h.html?closedAt=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.100.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-100-47.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbbb3629a8efb7026b1e48398aea4ee7e591eec08c624dd4b55310d5f2d3c942

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 00:30:11 GMT
x-amz-version-id: 4KTLIBJXhsWVvOSx4pyDhCifYlEp5XZa
via: 1.1 2e665350ce36612d432303ac51dbf21a.cloudfront.net (CloudFront)
last-modified: Thu, 20 Oct 2022 21:40:09 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2
age: 534263
etag: "fedeb104610047c329a4d276599aa4ba"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 4847
x-amz-cf-id: IqgFjO4rSaPpqcpYe8dt2LLT2HsvmgrY0p0f8bLqRNVRryYaBN089A==

GET
H2 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v28/ Frame 7D31 30 KB
31 KB 515ms
213ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:900,regular,700,900italic,italic,700italic%7COswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 06:48:01 GMT
x-content-type-options: nosniff
age: 252392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31196
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:43:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Oct 2023 06:48:01 GMT

GET
H2 200 7Au-p_0qiz-afTf2LwLT.woff2
fonts.gstatic.com/s/muli/v28/ Frame 7D31 31 KB
31 KB 470ms
169ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Au-p_0qiz-afTf2LwLT.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:900,regular,700,900italic,italic,700italic%7COswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

542aa3a659dae23a91406e12842f7c1554e955238427f8374c6a1e17bfdb1940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:49:31 GMT
x-content-type-options: nosniff
age: 158702
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32108
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 21:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 08:49:31 GMT

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2
fonts.gstatic.com/s/oswald/v49/ Frame 7D31 10 KB
10 KB 503ms
202ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:900,regular,700,900italic,italic,700italic%7COswald:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:06:50 GMT
x-content-type-options: nosniff
age: 161263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10172
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:23:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Oct 2023 08:06:50 GMT

GET
H2 204 embeddableActivated Show response
a785103026084cf5b58eb82dc405c5b5.events.ubembed.com/ 0
101 B 899ms
291ms XHR
text/plain 34.207.12.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a785103026084cf5b58eb82dc405c5b5.events.ubembed.com/embeddableActivated?activationRuleId=d5b250448f34472ca412e1906c0c3d92&browserTrackingId=9ef5b900cd514608afab68af14798823&clientId=9a71ba5a-8643-40e2-934b-a328e7f9857d&hostPageCorrelationId=bb31c1dc466742d4a20becc60703029a&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2F28bysamwood.com%2F&isFirstTime=true&requestId=91e413ea31e440a6911d723dd0349855&source=universalscript-v0.179.2
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.12.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-12-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://28bysamwood.com
date: Thu, 27 Oct 2022 04:54:34 GMT
access-control-allow-credentials: true

GET
H2 204 embeddableViewed Show response
a785103026084cf5b58eb82dc405c5b5.events.ubembed.com/ 0
102 B 897ms
290ms XHR
text/plain 34.207.12.71
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a785103026084cf5b58eb82dc405c5b5.events.ubembed.com/embeddableViewed?activationRuleId=d5b250448f34472ca412e1906c0c3d92&browserTrackingId=9ef5b900cd514608afab68af14798823&clientId=9a71ba5a-8643-40e2-934b-a328e7f9857d&hostPageCorrelationId=bb31c1dc466742d4a20becc60703029a&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2F28bysamwood.com%2F&isFirstTime=true&requestId=da33a714bf764e10bd2b1394552dc50f&source=universalscript-v0.179.2
Requested by: Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.207.12.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-207-12-71.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://28bysamwood.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://28bysamwood.com
date: Thu, 27 Oct 2022 04:54:34 GMT
access-control-allow-credentials: true

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame F8D3 565 B
590 B 401ms
401ms Document
text/html 23.54.56.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.88d900f0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.54.56.217 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-54-56-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://28bysamwood.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

akamai-grn: 0.a5213517.1666846474.59d1c89
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 27 Oct 2022 04:54:34 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 0
x-pinterest-rid: 1766722937947035

GET
H/1.1 200
OK 9c1a56140a2b49f099f5043cc1bd18ef.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701150831/ 1 MB
1 MB 150ms
150ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701150831/9c1a56140a2b49f099f5043cc1bd18ef.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: b80eb28d370de5b211169404e0c58dff20ce8407809b029e2b13f46f5e53880d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:35 GMT
Last-Modified: Fri, 01 Jul 2022 05:08:32 GMT
Server: AmazonS3
x-amz-request-id: VEDHD3YFC7X85DSJ
ETag: "c4b6ef42ef7c6c9334fae24674cb470b"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1199098
x-amz-id-2: Wv8VAnYPNF7/Bwk5S228ruba3QIqCtB1wF4t/SErJ4U2B6JdcGTDTFVtsWDs+5mGwjmV7IyY1tw=

GET
H/1.1 200
OK d89787b06d22400a9b55fa7af04c9ed5.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701150817/ 1 MB
1 MB 124ms
124ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701150817/d89787b06d22400a9b55fa7af04c9ed5.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9f4f3dcb09702fe8ee7cb3b2f5375dd22d07be233f8e4b741a2eda8c6a9aa6dc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:35 GMT
Last-Modified: Fri, 01 Jul 2022 05:08:18 GMT
Server: AmazonS3
x-amz-request-id: VEDHADE3EWERTCR6
ETag: "6f413b980b5d3f4c57616a3a936ff474"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1567949
x-amz-id-2: x49Y/F7SVXJj7BXbBxAJjHC3kdnB5A7tNL0mAlIKYBg2fFkxtKvoT7z8LT44tvEH5fgdfeA9seQ=

GET
H/1.1 200
OK 51f2258c207142309e927b3a1760892c.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701150800/ 1 MB
1 MB 112ms
111ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20220701150800/51f2258c207142309e927b3a1760892c.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: a0ba7dac713d76cf9f4ff7aa8eb174e2bc0235ab7d23128bb02fcb1deba3d1a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:35 GMT
Last-Modified: Fri, 01 Jul 2022 05:08:01 GMT
Server: AmazonS3
x-amz-request-id: VEDW1AFMN39BB5D1
ETag: "cb31a3fff6aeefa20a8f739c47060cf7"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1319351
x-amz-id-2: wdC1yMST6L29H2usBBr51y9GauN/LboXhlA1heelQSKaFSv/ZbG4BliLvz8HEUGubH+OoW+9vNE=

GET
H3 200 optimize.js Show response
www.google-analytics.com/gtm/ 109 KB
43 KB 172ms
171ms Script
application/javascript 142.251.12.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/optimize.js?id=GTM-WNPNB3M

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MZ9XDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.139 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f139.1e100.net

Software

Google Tag Manager /

Resource Hash

2273760913a4de5e56eafa4c1b2d664ff2ee1ff1304fa11819a8db415db8180f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43897
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 27 Oct 2022 04:54:34 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 8 KB
4 KB 184ms
184ms Script
application/x-javascript 182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=92184&v=5.12.1&p0=e%3Dce%26m%3D%255B%255D%26h%3Dnone&p1=e%3Dexd%26site_type%3Dd%26z%3Dundefined&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=t_nMJ19hSHpGbXhEYVUyWSUyRlNxeDdOV0N0NzVwWiUyQlNkQ2YlMkY3bEVDZjBnSGFoTjZ2ckdMaHR2OG5SSlU4cGdyMEslMkYxV2dHWVk1THZWTERqNGQlMkJJSHFQUnhOJTJCdVlHcUdnNXBnOUNkRVVIOW1UcnB3ZUxMOUMlMkJjeEo0U2NEc2dnVjQyRFgzME5lbk9pWW9LTlhQaEZpb2ptVHdCQSUzRCUzRA&tld=28bysamwood.com&dy=1&fu=https%253A%252F%252F28bysamwood.com%252F&dtycbr=86561

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=92184

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

917ed6b7fe3129f89ea362112278810d400db069038c44ac6fc38af6df28de52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12708464
timing-allow-origin: *
expires: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame CE88
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30

43 B
510 B

230ms
229ms

Image
image/gif

35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30
Protocol: HTTP/1.1
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30
Date: Thu, 27 Oct 2022 04:54:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame CE88
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_cm&google_hm=ay1RWDFPY1RRbHpraG84MHBWZjRvYVNvTzM5QVdwNkR3W...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0

43 B
370 B

171ms
171ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1376337
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame CE88
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416

43 B
370 B

172ms
171ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2320213
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 04:54:34 GMT
AN-X-Request-Uuid: e95b2217-0c4f-4889-b8dc-13e298babc0c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416
Connection: keep-alive
X-Proxy-Origin: 103.209.254.130; 103.209.254.130; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame CE88
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA&C=1

43 B
766 B

295ms
294ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 04:54:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 04:54:35 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame CE88
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag

43 B
448 B

172ms
172ms

Image
image/gif

18.140.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag
Protocol: H2
Server: 18.140.149.174 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-149-174.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 04:54:34 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag
date: Thu, 27 Oct 2022 04:54:34 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame CE88 45 B
786 B 1176ms
339ms Image
image/gif 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-mU6BMzQlzkho80pVf4oaSoO39AUr0zuPo0fmXg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 04:54:34 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 27 Oct 2022 04:54:34 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame CE88 0
884 B 1061ms
353ms Image
text/html 35.157.80.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dXJR3jQlzkho80pVf4oaSoO39AWVqG_zIqKfeg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.80.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-80-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:34 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame CE88 0
308 B 1106ms
275ms Image
text/plain 38.133.127.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-U7W0MzQlzkho80pVf4oaSoO39AU2XFif5MIJSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:35 GMT
Cache-Control: no-cache
X-TraceId: 654e8dc06a3c177ed5393ed2c05fcf13
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame CE88 42 B
578 B 510ms
170ms Image
image/gif 67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-BVtHtjQlzkho80pVf4oaSoO39AVVjEa_D41Jhw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 27 Oct 2022 04:54:34 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame CE88 42 B
786 B 968ms
171ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-d8pFczQlzkho80pVf4oaSoO39AWgp5-RFHmRsQ&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame CE88 68 B
280 B 554ms
170ms Image
image/png 52.74.74.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-F9GYrDQlzkho80pVf4oaSoO39AUVLtSNB1ihkg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.74.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-74-2.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame CE88 43 B
688 B 1262ms
169ms Image
image/gif 23.106.127.38
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-1yBhOTQlzkho80pVf4oaSoO39AU2LhKZqGGjlw
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame CE88 0
232 B 517ms
169ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-RFzyfDQlzkho80pVf4oaSoO39AXAQdahyYtYmw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 168136

GET
H2 200 um
criteo-sync.teads.tv/ Frame CE88 23 B
287 B 1347ms
388ms Image
image/gif 23.36.49.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-kELIUjQlzkho80pVf4oaSoO39AVWAuDLpiYV9Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.49.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-49-63.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 27 Oct 2022 04:54:36 GMT
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2

200

xuid
eb2.3lift.com/ Frame CE88
Redirect Chain

https://eb2.3lift.com/xuid?mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=

37 B
355 B

190ms
190ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame CE88 0
398 B 519ms
173ms Image
text/plain 52.74.162.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7fh57DQlzkho80pVf4oaSoO39AVrOXgNKBwAmw

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK sync
adgen.socdm.com/rtb/ Frame CE88 43 B
826 B 657ms
218ms Image
image/gif 202.241.208.3
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 202.241.208.3 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

X-SO-Cluster-ID: 19
Date: Thu, 27 Oct 2022 04:54:35 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":19,"gdpr":false,"ipv4":"103.209.254.130","key":"Y1oPC8Co5r0AACUmJiYAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad275"}
X-SO-Key: Y1oPC8Co5r0AACUmJiYAAAAA
Server: nginx
X-SO-Upstream-ID: m-ad275
P3P: CP="See also http://www.scaleout.jp/privacy/"
Content-Type: image/gif
Cache-Control: private
X-SO-HostName: m-ad275.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 1
Content-Length: 43
X-SO-LB-Hostname: a-ng40009.dc2p.scaleout.jp
X-SO-IP: 103.209.254.130

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame CE88
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=AE2m3tNwZWiT9vz4tt_yh1Vu5d0VVVvB

62 B
559 B

1156ms
511ms

Image
image/gif

23.73.13.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=AE2m3tNwZWiT9vz4tt_yh1Vu5d0VVVvB
Protocol: H2
Server: 23.73.13.201 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 27 Oct 2022 04:54:35 GMT
content-length: 62
bk-server: 1500
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=AE2m3tNwZWiT9vz4tt_yh1Vu5d0VVVvB
date: Thu, 27 Oct 2022 04:54:33 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 756702
content-length: 0

GET
H2 204 pixel
adx.dable.io/ Frame CE88 0
142 B 798ms
266ms Image
text/plain 3.37.124.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-sDwNfjQlzkho80pVf4oaSoO39AUWubpwwhqFVw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.124.92 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-124-92.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:35 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame CE88 43 B
413 B 720ms
240ms Image
image/gif 35.76.245.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-L1xUCjQlzkho80pVf4oaSoO39AUA0OklHp3SNw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.76.245.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-76-245-45.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 362338.gif
idsync.rlcdn.com/ Frame CE88 42 B
450 B 457ms
278ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-0opMyDQlzkho80pVf4oaSoO39AW1-F8P0cl02A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 c.gif
c.bing.com/ Frame CE88 42 B
504 B 240ms
236ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-bpM28DQlzkho80pVf4oaSoO39AXZm710FJyX9Q
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
last-modified: Thu, 13 Oct 2022 15:58:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 68F39A71A4D34203B01523C564DC955E Ref B: MEL01EDGE1013 Ref C: 2022-10-27T04:54:35Z
etag: "e997be9b1cdfd81:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

204

/
s.ad.smaato.net/c/ Frame CE88
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1

0
557 B

174ms
174ms

Image
text/plain

13.33.88.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1
Protocol: H2
Server: 13.33.88.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-101.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: r4UF0vXVb-VwSLlLnl4RpgYUACk1sDovTDI42gJakhOtjtVAv_B3wQ==

Redirect headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: w_oP8hV89NNURilmUK1gN6pUnARW_2h-BETc0sg2PB5_38tasDqsGw==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame CE88 68 B
280 B 1386ms
418ms Image
image/jpeg 23.213.43.197

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-b-S2AzQlzkho80pVf4oaSoO39AW_qp7KqcU3-A

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.43.197 -, , ASN (),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 27 Oct 2022 04:54:36 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-request-time: 0.001
content-disposition: inline;filename=f.txt
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame CE88 43 B
468 B 529ms
170ms Image
image/gif 54.255.95.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-tggsODQlzkho80pVf4oaSoO39AXkNfjcSI18cw&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.95.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-95-76.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H/1.1 200
OK Sam-xx-e1565156237161-300x98.png
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20190807153308/ 2 KB
3 KB 109ms
109ms Image
image/png 52.95.131.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samwood-wp-assets.s3.ap-southeast-2.amazonaws.com/wp-content/uploads/20190807153308/Sam-xx-e1565156237161-300x98.png
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.131.18 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-r-w.ap-southeast-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: d09670b9b3493f97c909ebefda52b9bf5f765195c9d97e5c2901551e6959a7fe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://28bysamwood.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:36 GMT
Last-Modified: Thu, 06 May 2021 09:53:50 GMT
Server: AmazonS3
x-amz-request-id: QA6327QJYQCTYW4D
ETag: "01e655f227c0fb0d8bd5b2066b3ba030"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2558
x-amz-id-2: OJ3AD9LYIHR4wXOa0KohF2oJGk0ehPPFC4zhanoOjMD2yd5yeSwb13RDc3XWdf2AS2SHCCimVS4=

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 9E71 43 B
235 B 225ms
224ms Image
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-otShazQlzkho80pVf4oaSoO39AXECTI1FzEmgw&expires=30
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 9E71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_cm&google_hm=ay1RWDFPY1RRbHpraG84MHBWZjRvYVNvTzM5QVdwNkR3W...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0

43 B
371 B

187ms
187ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 17595687
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:34 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-QX1OcTQlzkho80pVf4oaSoO39AWp6DwYfPp_lg&google_gid=CAESEMBKT0VApIu2T3uj92DUcYk&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 9E71
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416

43 B
370 B

170ms
170ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1546767
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 04:54:35 GMT
AN-X-Request-Uuid: 08ee7015-4ac4-4a5a-8887-488562abd153
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=8153414206168480416
Connection: keep-alive
X-Proxy-Origin: 103.209.254.130; 103.209.254.130; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK rum
r.casalemedia.com/ Frame 9E71 43 B
766 B 300ms
300ms Image
image/gif 139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-dzOlHzQlzkho80pVf4oaSoO39AWPy_3UfNaFfA
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 27 Oct 2022 04:54:36 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

GET
H2 200 match
ad.360yield.com/ Frame 9E71 43 B
446 B 174ms
173ms Image
image/gif 18.140.149.174
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-IEe_YzQlzkho80pVf4oaSoO39AV6X6DEBb10ag
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.149.174 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-149-174.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 27 Oct 2022 04:54:36 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cksync.php
contextual.media.net/ Frame 9E71 45 B
622 B 352ms
352ms Image
image/gif 104.83.196.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-mU6BMzQlzkho80pVf4oaSoO39AUr0zuPo0fmXg

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 27 Oct 2022 04:54:36 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 45
x-mnet-hl2: E
expires: Thu, 27 Oct 2022 04:54:36 GMT

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 9E71 0
883 B 349ms
349ms Image
text/html 35.157.80.69
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-dXJR3jQlzkho80pVf4oaSoO39AWVqG_zIqKfeg
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.80.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-80-69.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 9E71 0
145 B 275ms
275ms Image
text/plain 38.133.127.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-U7W0MzQlzkho80pVf4oaSoO39AU2XFif5MIJSA
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Thu, 27 Oct 2022 04:54:36 GMT
Cache-Control: no-cache
X-TraceId: 6a567663578dbddddd6456833222824c
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 9E71 42 B
532 B 169ms
169ms Image
image/gif 67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-BVtHtjQlzkho80pVf4oaSoO39AVVjEa_D41Jhw
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK tap.php
pixel.rubiconproject.com/ Frame 9E71 42 B
786 B 170ms
170ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-d8pFczQlzkho80pVf4oaSoO39AWgp5-RFHmRsQ&expires=30
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 6690dc791bf02dde8c4051a04cfd7bb8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 v1
match.sharethrough.com/sync/ Frame 9E71 68 B
279 B 171ms
170ms Image
image/png 52.74.74.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-F9GYrDQlzkho80pVf4oaSoO39AUVLtSNB1ihkg
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.74.74.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-74-2.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: no-cache
content-length: 68
content-type: image/png

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 9E71 43 B
429 B 169ms
169ms Image
image/gif 23.106.127.38
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-1yBhOTQlzkho80pVf4oaSoO39AU2LhKZqGGjlw
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.38 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: no-cache,no-store
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 9E71 0
231 B 170ms
169ms Image
text/plain 141.226.229.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-RFzyfDQlzkho80pVf4oaSoO39AXAQdahyYtYmw
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 168138

GET
H2 200 um
criteo-sync.teads.tv/ Frame 9E71 23 B
287 B 392ms
391ms Image
image/gif 23.36.49.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-kELIUjQlzkho80pVf4oaSoO39AVWAuDLpiYV9Q
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.36.49.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-49-63.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Thu, 27 Oct 2022 04:54:36 GMT
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 9E71 37 B
355 B 190ms
189ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-JfLZhDQlzkho80pVf4oaSoO39AVDUt65SADwmg&dongle=013b
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 9E71 0
311 B 175ms
174ms Image
text/plain 52.74.162.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-7fh57DQlzkho80pVf4oaSoO39AVrOXgNKBwAmw

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.74.162.2 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/adgeneration/ Frame 9E71
Redirect Chain

https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Y1oPC8Co5r0AACUmJiYAAAAA

43 B
370 B

172ms
172ms

Image
image/gif

182.161.73.146
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Y1oPC8Co5r0AACUmJiYAAAAA

Protocol

Server

182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3277361
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 27 Oct 2022 04:54:36 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":19,"gdpr":false,"ipv4":"103.209.254.130","key":"Y1oPC8Co5r0AACUmJiYAAAAA","privacy_sensitive":false,"uid":"Y1oPC8Co5r0AACUmJiYAAAAA","upstream_id":"m-ad275"}
X-SO-Key: Y1oPC8Co5r0AACUmJiYAAAAA
X-SO-Upstream-ID: m-ad275
P3P: CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName: m-ad275.dc4p.scaleout.jp
X-SO-UID: Y1oPC8Co5r0AACUmJiYAAAAA
Connection: keep-alive
Content-Length: 0
X-SO-IP: 103.209.254.130
X-SO-Cluster-ID: 19
Server: nginx
Location: https://dis.criteo.com/dis/rtb/adgeneration/cookiematch.aspx?maid=Y1oPC8Co5r0AACUmJiYAAAAA
Cache-Control: private
X-SO-Ads-Time: 6
X-SO-LB-Hostname: a-ng40009.dc2p.scaleout.jp

GET
H2

200

sync
tags.bluekai.com/site/29001/ Frame 9E71
Redirect Chain

https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=b0t34vI6vgBXtdeuOR9uSfk5dEwwVTLf

62 B
558 B

938ms
498ms

Image
image/gif

23.73.13.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=b0t34vI6vgBXtdeuOR9uSfk5dEwwVTLf
Protocol: H2
Server: 23.73.13.201 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-13-201.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 27 Oct 2022 04:54:35 GMT
content-length: 62
bk-server: 67cd
content-type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=b0t34vI6vgBXtdeuOR9uSfk5dEwwVTLf
date: Thu, 27 Oct 2022 04:54:33 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 678499
content-length: 0

GET
H2 204 pixel
adx.dable.io/ Frame 9E71 0
141 B 271ms
270ms Image
text/plain 3.37.124.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel?dsp_id=6&uid=k-sDwNfjQlzkho80pVf4oaSoO39AUWubpwwhqFVw
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.37.124.92 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-124-92.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
server: nginx

GET
H2 200 /
cs.adingo.jp/sync/ Frame 9E71 43 B
412 B 239ms
238ms Image
image/gif 35.76.245.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.adingo.jp/sync/?from=criteo&id=k-L1xUCjQlzkho80pVf4oaSoO39AUA0OklHp3SNw
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.76.245.45 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-76-245-45.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

p3p: CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type: image/gif
server: nginx
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 362338.gif
idsync.rlcdn.com/ Frame 9E71 42 B
60 B 447ms
276ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362338.gif?partner_uid=k-0opMyDQlzkho80pVf4oaSoO39AW1-F8P0cl02A
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 c.gif
c.bing.com/ Frame 9E71 42 B
176 B 234ms
234ms Image
image/gif 204.79.197.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-bpM28DQlzkho80pVf4oaSoO39AXZm710FJyX9Q
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS: a-0001.a-msedge.net
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 Oct 2022 04:54:35 GMT
last-modified: Thu, 13 Oct 2022 15:58:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 69964C9AFD7C4F89B85128910C72D80E Ref B: MEL01EDGE1013 Ref C: 2022-10-27T04:54:36Z
etag: "e997be9b1cdfd81:0"
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type: image/gif
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

GET
H2

204

/
s.ad.smaato.net/c/ Frame 9E71
Redirect Chain

https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1

0
558 B

176ms
176ms

Image
text/plain

13.33.88.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1
Protocol: H2
Server: 13.33.88.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-88-101.sin2.r.cloudfront.net
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control: max-age=300
x-amz-cf-id: 5D3ZxyCBIfK--lqpNrA6bgbijvF7mFWwqNSLw9WT_1dC_SB5w8fsjA==

Redirect headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 d4cace4cc5e331ffcb566a47ffd57416.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: SIN2-P2
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-VDqcjTQlzkho80pVf4oaSoO39AWvhglSivjTNA&cookieCheck=1
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: p6wjd_sql2eL-z-NjNC3upFvFXl23kXWfN2TWe5C-RR65_xH6kXiXQ==

GET
H2 200 sync.htm
ade.clmbtech.com/uid/ Frame 9E71 68 B
280 B 828ms
401ms Image
image/jpeg 23.213.43.197

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-b-S2AzQlzkho80pVf4oaSoO39AW_qp7KqcU3-A

Requested by

Host: 28bysamwood.com
URL: https://28bysamwood.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.213.43.197 -, , ASN (),

Reverse DNS

Software

Bhoot /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=25920000; includeSubdomains
date: Thu, 27 Oct 2022 04:54:36 GMT
x-content-type-options: nosniff
server: Bhoot
x-frame-options: sameorigin
content-type: image/jpeg
x-request-time: 0.001
content-disposition: inline;filename=f.txt
content-length: 68
x-xss-protection: 1; mode=block

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 9E71 43 B
467 B 170ms
169ms Image
image/gif 54.255.95.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-tggsODQlzkho80pVf4oaSoO39AXkNfjcSI18cw&pn_id=criteo&ext=1
Requested by: Host: 28bysamwood.com
URL: https://28bysamwood.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.255.95.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-255-95-76.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 27 Oct 2022 04:54:36 GMT
content-type: image/gif
content-length: 43
access-control-allow-methods: GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 9E71
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iLFNDWHYg9NkfDEBPhE22n4Jigf-NqeS

0
337 B

922ms
304ms

Image
text/plain

35.160.185.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iLFNDWHYg9NkfDEBPhE22n4Jigf-NqeS
Protocol: H2
Server: 35.160.185.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-185-12.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n006-pdx-prod.krxd.net
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1666846476
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=iLFNDWHYg9NkfDEBPhE22n4Jigf-NqeS
date: Thu, 27 Oct 2022 04:54:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1223613
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame CE88
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N7fBw5yAV_jA2ldEHq3KRc26qO9n3C7K

0
338 B

910ms
303ms

Image
text/plain

35.160.185.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N7fBw5yAV_jA2ldEHq3KRc26qO9n3C7K
Protocol: H2
Server: 35.160.185.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-160-185-12.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-served-by: beacon-n004-pdx-prod.krxd.net
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1666846476
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=N7fBw5yAV_jA2ldEHq3KRc26qO9n3C7K
date: Thu, 27 Oct 2022 04:54:34 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 737636
content-length: 0

GET
H3

200

397596.gif
idsync.rlcdn.com/ Frame CE88
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=9hj2rqEK-1Q_5ZJ0rvA-RCnFQOHcYVPG

42 B
60 B

276ms
276ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=9hj2rqEK-1Q_5ZJ0rvA-RCnFQOHcYVPG
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=9hj2rqEK-1Q_5ZJ0rvA-RCnFQOHcYVPG
date: Thu, 27 Oct 2022 04:54:35 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1359948
content-length: 0

GET
H3

200

397596.gif
idsync.rlcdn.com/ Frame 9E71
Redirect Chain

https://gum.criteo.com/sync?c=6&r=1&k=1&a=1&u=https%3A%2F%2Fidsync.rlcdn.com%2F397596.gif%3Fpartner_uid%3D%40USERID%40
https://idsync.rlcdn.com/397596.gif?partner_uid=eHpkTlUUmQ3jSPYh3ML-nb1zrQaT9kjm

42 B
60 B

275ms
275ms

Image
image/gif

35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/397596.gif?partner_uid=eHpkTlUUmQ3jSPYh3ML-nb1zrQaT9kjm
Protocol: H3
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 27 Oct 2022 04:54:36 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/397596.gif?partner_uid=eHpkTlUUmQ3jSPYh3ML-nb1zrQaT9kjm
date: Thu, 27 Oct 2022 04:54:36 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1353806
content-length: 0

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.28bysamwood.com/	1970-01-20 07:02:12	Name: homeFaqTest Value: true
.28bysamwood.com/	1970-01-20 11:19:58	Name: optimizelyEndUserId Value: oeu1666846469207r0.9056611114385795
.28bysamwood.com/	1970-01-20 15:47:48	Name: _vwo_uuid_v2 Value: D2F03E546885A5977837F4DB0DCCA0579\|2fbc8cbc8748f42d4163c8881efc3527
28bysamwood.com/	1970-01-20 07:10:51	Name: AWSALB Value: FTTiWskWjMRSJduRfNd4oWTmUvb1t/BtUcM0kXr7D1y4uCEPP411BqS2cqxCFXstauiiHn21zMGm6TKq1Esmc3Nmf60Ai8PxvlrUPxTTt7z8Xu7+PsixkSN1ppA3
28bysamwood.com/	1970-01-20 07:10:51	Name: AWSALBCORS Value: FTTiWskWjMRSJduRfNd4oWTmUvb1t/BtUcM0kXr7D1y4uCEPP411BqS2cqxCFXstauiiHn21zMGm6TKq1Esmc3Nmf60Ai8PxvlrUPxTTt7z8Xu7+PsixkSN1ppA3
.app-sn04.marketo.com/	1970-01-20 07:00:48	Name: __cf_bm Value: WFRZ7MfS7teRi9r_sm1y5P5U57WF7uHi__FRoIxdviQ-1666846470-0-ARW7XWqifQIrbOEZsKlj+tfBz0ywRYAfpGnbaQebdQQMZ/sjfbX68ZW2HXzfUACPxVp8BzUDUHmCXFPDltQr/Gw=
.28bysamwood.com/	1970-01-20 09:10:22	Name: _gcl_au Value: 1.1.813243708.1666846470
.28bysamwood.com/	1970-01-20 16:36:46	Name: _ga_R44YSHGLZN Value: GS1.1.1666846470.1.0.1666846470.60.0.0
.28bysamwood.com/	1970-01-20 16:36:46	Name: _ga Value: GA1.2.288599252.1666846471
.28bysamwood.com/	1970-01-20 07:02:12	Name: _gid Value: GA1.2.547549078.1666846471
.28bysamwood.com/	1970-01-20 07:00:46	Name: _gat_UA-70237259-1 Value: 1
.bing.com/	1970-01-20 16:22:22	Name: MUID Value: 25DF68251AE262C8286C7A6F1B086377
.bat.bing.com/	1970-01-20 07:10:51	Name: MR Value: 0
.28bysamwood.com/	1970-01-20 07:02:12	Name: _uetsid Value: 718f53d055b311eda17f5f91db7e3cbb
.28bysamwood.com/	1970-01-20 16:22:22	Name: _uetvid Value: 718f7a4055b311ed8b592384e891ef54
.28bysamwood.com/	1970-01-20 16:36:46	Name: _mkto_trk Value: id:678-QXR-802&token:_mch-28bysamwood.com-1666846471354-87653
.doubleclick.net/	1970-01-20 16:36:46	Name: IDE Value: AHWqTUkXdbjRQ3DtteOYTNn8hnKKbSsGwZPztysZ5sTwDR2hpkS7f8zv0RseQ9M-
.28bysamwood.com/	1970-01-20 15:46:22	Name: _pin_unauth Value: dWlkPU1UYzNNRFkxT0dFdFpEa3pNQzAwT0RreUxXSXpPR0V0WTJaaFptWTVZelUyTlRaaA
.criteo.com/	1970-01-20 16:22:22	Name: uid Value: b190fbcf-a200-4bd8-b469-d42cb5ff2af0
.28bysamwood.com/	1970-01-20 09:10:22	Name: _fbp Value: fb.1.1666846472055.1196271011
.quantserve.com/	1970-01-20 16:31:00	Name: mc Value: 635a0f08-0ec07-82de6-01e53
.28bysamwood.com/	1970-01-20 16:30:10	Name: cto_bundle Value: t_nMJ19hSHpGbXhEYVUyWSUyRlNxeDdOV0N0NzVwWiUyQlNkQ2YlMkY3bEVDZjBnSGFoTjZ2ckdMaHR2OG5SSlU4cGdyMEslMkYxV2dHWVk1THZWTERqNGQlMkJJSHFQUnhOJTJCdVlHcUdnNXBnOUNkRVVIOW1UcnB3ZUxMOUMlMkJjeEo0U2NEc2dnVjQyRFgzME5lbk9pWW9LTlhQaEZpb2ptVHdCQSUzRCUzRA
.28bysamwood.com/	1970-01-20 16:25:15	Name: __qca Value: P0-464972439-1666846471948
.28bysamwood.com/	1970-01-20 15:46:22	Name: _hjSessionUser_463408 Value: eyJpZCI6ImYyYzA5MTJkLWNiZGYtNTZlMy05MzZkLTU2MmE5NmViYjEwNCIsImNyZWF0ZWQiOjE2NjY4NDY0NzIxOTYsImV4aXN0aW5nIjpmYWxzZX0=
.28bysamwood.com/	1970-01-20 07:00:48	Name: _hjFirstSeen Value: 1
28bysamwood.com/	1970-01-20 07:00:46	Name: _hjIncludedInSessionSample Value: 0
.28bysamwood.com/	1970-01-20 07:00:48	Name: _hjSession_463408 Value: eyJpZCI6IjVhZGZkYWE1LWU2YmItNDQ1My1iNjJiLTk5NTUxNTgzYzQ3NCIsImNyZWF0ZWQiOjE2NjY4NDY0NzIyMTksImluU2FtcGxlIjpmYWxzZX0=
28bysamwood.com/	1970-01-20 07:00:46	Name: _hjIncludedInPageviewSample Value: 1
.28bysamwood.com/	1970-01-20 07:00:48	Name: _hjAbsoluteSessionInProgress Value: 0
.ct.pinterest.com/	1970-01-20 15:46:22	Name: _pinterest_ct_ua Value: "TWc9PSZ3SHZINC9BQ0JOckp1NURDcEkzL2NSSVZYUkF5anU0TzJnQWpEckhpR0xPMWtnL0ZRTktVbTBnQkRRMG0xaHpVcy82SElRdlhHNS9XNDBWTmJiRURlZDU0dVNRY29iN1A3SHRlQjRiaDBFWT0mbDRJTndFbkhIbnIwNlM3TDc1dUs1N3dwNStNPQ=="
.tiktok.com/	1970-01-20 16:22:22	Name: _ttp Value: 2Ghgx4PmSsQaWB48EsoFjyTPQ84
.28bysamwood.com/	1970-01-20 16:22:22	Name: _tt_enable_cookie Value: 1
.28bysamwood.com/	1970-01-20 16:22:22	Name: _ttp Value: 2e73b37b-7351-4f46-87a1-4f1f9d854194
.yahoo.com/	1970-01-20 15:46:44	Name: A3 Value: d=AQABBAgPWmMCEEEGcSm92wLVeJcTcuTEjtIFEgEBAQFgW2NjYwAAAAAA_eMAAA&S=AQAAAgvI48sHldMpq4v-XsVcCrg
.360yield.com/	1970-01-20 09:10:22	Name: tuuid Value: d8737676-4eb0-4e04-8c99-ed825ba55487
.360yield.com/	1970-01-20 09:10:22	Name: tuuid_lu Value: 1666846474
.bidswitch.net/	1970-01-20 15:46:22	Name: tuuid Value: 03e7f92b-4ac0-44d0-b285-8912f0272d99
.bidswitch.net/	1970-01-20 15:46:22	Name: c Value: 1666846474
.bidswitch.net/	1970-01-20 15:46:22	Name: tuuid_lu Value: 1666846474
.adnxs.com/	1970-01-20 09:10:22	Name: uuid2 Value: 8153414206168480416
.pubmatic.com/	1970-01-20 07:43:58	Name: KRTBCOOKIE_97 Value: 3385-uid:k-BVtHtjQlzkho80pVf4oaSoO39AVVjEa_D41Jhw&KRTB&23144-uid:k-BVtHtjQlzkho80pVf4oaSoO39AVVjEa_D41Jhw&KRTB&23286-uid:k-BVtHtjQlzkho80pVf4oaSoO39AVVjEa_D41Jhw&KRTB&23287-uid:k-BVtHtjQlzkho80pVf4oaSoO39AVVjEa_D41Jhw
exchange.mediavine.com/	1970-01-20 07:20:56	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2273cd8870-55b3-11ed-befe-3f139a7ec125%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:20:56	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2273cd8870-55b3-11ed-befe-3f139a7ec125%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:20:56	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2273cd8870-55b3-11ed-befe-3f139a7ec125%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:20:56	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2273cd8870-55b3-11ed-befe-3f139a7ec125%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 07:20:56	Name: criteo Value: %7B%22id%22%3A%22k-dXJR3jQlzkho80pVf4oaSoO39AWVqG_zIqKfeg%22%2C%22version%22%3A%22criteo%22%7D
.media.net/	1970-01-20 15:46:22	Name: visitor-id Value: 3098480741542685000V10
.media.net/	1970-01-20 07:43:58	Name: data-c Value: k-mU6BMzQlzkho80pVf4oaSoO39AUr0zuPo0fmXg~~3
.sharethrough.com/	1970-01-20 07:43:58	Name: stx_user_id Value: b169fd47-9664-4ee4-aaf5-e2918b913873
.outbrain.com/	1970-01-20 09:10:22	Name: obuid Value: c3b2c4d1-0807-4e8f-b31a-53044dc299ae
.bluekai.com/	1970-01-20 11:19:58	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 11:19:58	Name: bkpa Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LUP6BzGNnFWgMygwenWL3p/ovRZFpe91vpPB1xQnY0+p9Qe/pHj9
.bluekai.com/	1970-01-20 11:19:58	Name: bku Value: uUW999LwVZmqCjLC
.casalemedia.com/	1970-01-20 15:46:22	Name: CMID Value: Y1oPC5429oA9DENXtv2Y.AAA
.casalemedia.com/	1970-01-20 09:10:22	Name: CMPS Value: 4750
.casalemedia.com/	1970-01-20 09:10:22	Name: CMPRO Value: 4750
.taboola.com/	1970-01-20 15:46:22	Name: t_gid Value: 35fe91be-fdb6-4b0c-aaa1-3343e782728e-tucta53948b
.3lift.com/	1970-01-20 09:10:22	Name: tluid Value: 2837344116440894662169
.rubiconproject.com/	1970-01-20 15:46:22	Name: khaos Value: L9QLCRTK-O-22OZ
.analytics.yahoo.com/	1970-01-20 15:46:22	Name: IDSYNC Value: 18zh~27y4
.c.bing.com/	1970-01-20 07:10:51	Name: MR Value: 0
.rlcdn.com/	1970-01-20 08:27:10	Name: pxrc Value: CAA=
.socdm.com/	1970-01-20 16:36:46	Name: SOC Value: Y1oPC8Co5r0AACUmJiYAAAAA
.adingo.jp/	1970-01-20 07:43:58	Name: criteo_dsp Value: k-L1xUCjQlzkho80pVf4oaSoO39AUA0OklHp3SNw
.smartadserver.com/	1970-01-20 16:31:00	Name: pid Value: 4768049835135919685
.smartadserver.com/	1970-01-20 16:31:00	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 15:46:22	Name: csync Value: 79:k-1yBhOTQlzkho80pVf4oaSoO39AU2LhKZqGGjlw
.dable.io/	1970-01-20 09:24:46	Name: uid Value: 83543788.1666846475882
.360yield.com/	1970-01-20 09:10:22	Name: um Value: !38,rjROYzoaBt6tftvzto061MMMl8afjI9VVGl0U4qVPr1qDPEI3pfsxq.buE9NWqfly4z9sih1,1674622476
.360yield.com/	1970-01-20 09:10:22	Name: umeh Value: !38,0,1729054476,-1
.pubmatic.com/	1970-01-20 07:43:58	Name: PugT Value: 1666846476
.rubiconproject.com/	1970-01-20 15:46:22	Name: audit Value: 1\|DheyWCV5u7ZfeXHasv5JiqidvSVHq3nkicWPNuuTllhNDY5C4h7Kr02OiAZXD9ZZrwqiwtEL60KM1KxoLazIt+aleybw1oy9Ba0etFFpiE2aM/whR147I2L/GB38Xegg4m871xhVXGwIyRLw2RlKkAITFWHiyxBap9rkqPU6yBbmQdVc7iIhNLYPAdWGRZ6V8p4Q5rMwDzg=
.ads.yieldmo.com/	1970-01-20 15:46:22	Name: ptrcriteo Value: k-tggsODQlzkho80pVf4oaSoO39AXkNfjcSI18cw
.media.net/	1970-01-20 07:43:58	Name: data-c-ts Value: 1666846476
.socdm.com/	1970-01-20 16:36:46	Name: SOSYNC Value: anNvbjp7ImFkZzIzIjoxNjY2ODQ2NDc2fQ
.yieldmo.com/	1970-01-20 15:46:22	Name: yieldmo_id Value: g1e44fafd4bb2ecb1976%7C1666846476277%7C0%7C
.krxd.net/	1970-01-20 11:19:58	Name: _kuid_ Value: PKY6u8wG
.teads.tv/	1970-01-20 15:44:56	Name: tt_viewer Value: 381adc90-f17e-4f2e-8225-eeef79754f10
.smaato.net/	1970-01-20 07:31:00	Name: SCM Value: 16298767
.smaato.net/	1970-01-20 07:15:53	Name: SCM1001851 Value: 16298767
.rlcdn.com/	1970-01-20 15:46:22	Name: rlas3 Value: RLfMyx2shG2xXNxjc9/eBeNKr7JKbar6QN+G/I+qDcA=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://28bysamwood.com/ Message: Mixed Content: The page at 'https://28bysamwood.com/' was loaded over HTTPS, but requested an insecure element 'http://28bysamwood.com/wp-content/plugins/wpforms-lite/assets/images/submit-spin.svg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11063240.fls.doubleclick.net
28bysamwood.com
678-qxr-802.mktoresp.com
a20393310398.cdn.optimizely.com
a785103026084cf5b58eb82dc405c5b5.events.ubembed.com
a785103026084cf5b58eb82dc405c5b5.js.ubembed.com
a785103026084cf5b58eb82dc405c5b5.pages.ubembed.com
ad.360yield.com
ade.clmbtech.com
adgen.socdm.com
adservice.google.com
adservice.google.com.au
adx.dable.io
analytics.google.com
analytics.tiktok.com
app-sn04.marketo.com
assets.pinterest.com
assets.ubembed.com
bat.bing.com
beacon.krxd.net
builder-assets.unbounce.com
c.bing.com
cdn.optimizely.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
ct.pinterest.com
d9hhrg4mnvzow.cloudfront.net
dev.visualwebsiteoptimizer.com
dis.criteo.com
dynamic.criteo.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
fycdai.28bysamwood.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
in.hotjar.com
log.pinterest.com
logx.optimizely.com
match.sharethrough.com
munchkin.marketo.net
pixel.quantserve.com
pixel.rubiconproject.com
public.profitwell.com
q.quora.com
r.casalemedia.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.ad.smaato.net
s.pinimg.com
s.yimg.com
samwood-wp-assets.s3.ap-southeast-2.amazonaws.com
script.hotjar.com
secure.quantserve.com
simage2.pubmatic.com
sp.analytics.yahoo.com
sslwidget.criteo.com
static.hotjar.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.bluekai.com
ups.analytics.yahoo.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
103.229.10.247
103.237.104.82
104.16.93.80
104.17.25.14
104.254.151.60
104.69.149.41
104.83.196.24
104.88.70.195
106.10.236.146
119.161.10.11
13.33.100.47
13.33.33.116
13.33.33.118
13.33.88.101
13.33.88.114
13.33.88.124
139.5.84.243
141.226.229.48
142.250.4.157
142.250.4.97
142.251.10.94
142.251.12.139
142.251.12.149
142.251.12.154
142.251.12.94
151.101.0.84
151.101.193.131
157.240.235.1
157.240.235.35
18.140.149.174
18.155.68.61
182.161.73.133
182.161.73.136
182.161.73.146
202.241.208.3
204.79.197.200
23.106.127.38
23.213.43.197
23.36.49.63
23.54.56.167
23.54.56.217
23.73.13.201
23.9.178.224
3.234.95.123
3.26.166.39
3.37.124.92
34.207.12.71
34.248.5.173
34.96.102.137
35.157.80.69
35.160.185.12
35.190.60.146
35.213.12.39
35.71.178.8
35.76.245.45
38.133.127.31
52.74.162.2
52.74.74.2
52.95.131.18
54.192.150.40
54.253.82.12
54.254.43.115
54.255.95.76
54.87.231.226
67.199.150.86
69.173.158.64
74.125.24.103
74.125.24.156
74.125.24.157
74.125.24.95
99.86.159.12
04f452f70b624f3ffa715912f79896486f5f40214d3a39cefb91d9b337e392c1
0694124dd8cf871b521cf06ce0b2419ebbe18d3f45658b50c4b038b647fbc849
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10a05727b16573233d1327ba5f631c16778ffd1160e64916ddb098a74ded6e6a
15537de1441703c0a17f2a65b24e9a5f334ba4d8b1fde6a27912ae6f0664260a
1649ba1cf65532c191a320fe09aac11b1c83bef1f28c240ebb226975165efb57
18a899ae93d683c1e44173b7ba70e1025532cfeef1417889ae22aa78a11ee3be
1dc9ab1e199cd012a9532b2ea6e24de10ee0dbb24fecdd3d71aa588093490e09
20f0315c97ff7007f2e7a94d659e094a7efc01b8306da53987538c1101489e0e
2273760913a4de5e56eafa4c1b2d664ff2ee1ff1304fa11819a8db415db8180f
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
29751b3e1dfde6a5e92e42dd00e4cb39a58ffc6b7e4ccf6035d6e9184688e4e1
2a04078f9550381b5148170ceaf5b378a1b31ed8274c6d0094aeba6f599462cc
2a67c852357dff0984ad4a1c43f4c63f3c523d45107df82b9d7a7bd0666b0fd2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
333b939696e6f76978556a93c83edc2eca63c9068e4947f5a2e180d20b6f24d2
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
3acbf9d2b777d47014e3208e7beaed9bc0da83728cffd4e06b8d087c4c611612
3b699c2cd84c5722e0c9f34ec0c60a9f548901168f95d86b4f1df433a7b5cc60
3cf0dc9a3cf6622fa7493363d1e03f419d5311d386915900e461ac233ce48b28
3f67044d0ceb901343a38411f1ea5e60ca9caf22d639243013b345322891afba
3faadebc89cdb21d11634a032816f152462d1cb8903eb21d0642501fcad065de
47e31c44f306a30ecdd2165c3505f2ad57ce850909cbf5d1b3f856a303a8f06a
48e4b0f919882467fca52e96d0b0221982ec9ba5fe14972bf54ca662627dbcaf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52215a01cc5a1f9d121e997bde9a5f2448af99b0df2e06c2565ae2400f705096
530ada81665d4f8f68e14afba4d6ae64128d80240dda6ddc8919b31d65a69702
53def91a0c5c82575bda2553508d0ef5a5f1baaf8b9aec67c847172c2f545329
542aa3a659dae23a91406e12842f7c1554e955238427f8374c6a1e17bfdb1940
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d4972183041556a4368526fbac13acafc83de9ff3ca29ce81f31eb29c8f8a57
5d90ddd8658c52c065f7895e2b75a2817ab3c83260721afd60620321becdf9cc
5e3b8368f0c4f5c30421b4ed571b68e49594b0bba449534de2ffe89e7e84e311
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
61d762640603390ff4961df70bfa0e204eae9e3062dfeecc021d5e8ae519a8cd
670bf1d096414a8674aeab9b7515e710d0608196c04866d617d2788569ab1987
6a32184eb2b67b3e70a10339b38a1de6296e3cb34588f048e429a43789ae6bc4
6a3b1e55f4adef7052bbfc4fe414992c6302ef6e43f968f465c292f25474a030
6e059f38d9d643cd149fa02dfd97d6844f9b106198e027f55e2fe1e9a1428acf
6ff8873c5c7e5ddfdd65675936d186a8822ec5a7f51401eed3c06723166b43bd
7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7
7ab3394ac6ef6fe13fcfd92702952123fa67325bc609a1fce59b138a47c257b9
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d31a3d963efe5f9b18fca67bd745b31dff70f52d5d498d62030d8881c4d9f27
7daf9da16fec35a0606ed67e89ea6c89785e4a3cd0560132cf73786b0a6d70ba
7f43da7b831b413d6eecf2a322183780d0aea27889e1f59a14fe6e4c7d0c054b
7ffd6ec4d1b1980400d8cc710d2edd0fb7833e2c83262f8401247043ca258149
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cf8149ef742c4af7261b8fb4029470a341d867454da9f8fc145042cc1e5c52
864123191e727b71f339147101763d9f13965ca4e5b2aaa02b1aa640c3a76347
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
90961161a91523f9af789ad89300c8640dceab22bbf60f6b34883aa60c2bc991
917ed6b7fe3129f89ea362112278810d400db069038c44ac6fc38af6df28de52
91a50850c517899e1c975079158949f7a500ddf5a7307fe36bf50092926beedc
91ba319cf3d5d7320492f1b2f32ed0289946007da64111be282b6c2600e27d85
9444bda0413f2e454776b9620dbd7e69efecab5803e30633f12a5a89fcb6506c
94793e651d33131640f21098c7a9ee7155892c1a0be754c80e8e38c3ec5a81d2
958c2ecbdd6c6708cf566ceb9b10ffd133ceef822ce81ef460db8ca29e44bcb5
95fbd05db13d6614d6e7fd6150f8caeef71641bf5f082f4cc200dcf6934a6f0a
984e8706c17b5c92aa5be8964edd1866207ee498d886ce350d3127d90b33f519
99b78300b9732190b7cfadbd0eb2955c99397bb0490019eca5f1aba9f44d4cde
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9b9249a97d202379903114b9eef0381300feb1084cedce44001bc2c43424589b
9c388e5802ba3466b6ceac518fcf9d7bbd8afd8f61270aa5b5ef3dce8c9e1b6f
9f4f3dcb09702fe8ee7cb3b2f5375dd22d07be233f8e4b741a2eda8c6a9aa6dc
a0573b1cbad051abc649639d29bc88a0f0722bf135eb35cac6606837694387b5
a0ba7dac713d76cf9f4ff7aa8eb174e2bc0235ab7d23128bb02fcb1deba3d1a6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a42f1b9d40ae5d9771c1f24b88fd3eebfd86292aa09f31236dc7f62adf6af0bb
a80df5220e62094935e1773c1a53d58476aaa651a8207fb33112c8df6c01330d
a907fccac484409195f03430efa11d403edace3885b8d6a4f23d941ad2fc6fc4
a9106f8201be70decee33d6db0ed15214e640fb5760a3ee0492dcfb6ca7b8ad0
a950feee7c2b3e679beccd2c26da47ac486ffbeea6fa8183dd8eb9f0ef364694
aa770fc92864b9ac1b2a942a25c4a464d14b00d4d81c6f7811ef3464bf3ad768
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0a1d0797e0ed0caec8d998276910599229ff015e6c99e2fe6b2c3ebc6ca8db5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b459a0c500fa20aa8104463f001f73d24e2551a444a390481678989f17c27ff7
b48801b3eeb9b35990c2eefd284b8d06bf94439f406d020a4979a08964658821
b80eb28d370de5b211169404e0c58dff20ce8407809b029e2b13f46f5e53880d
ba456b951d9404b7b74379629337df7aba4f03627ebe6c4468f877ab85f9bf31
bb14c226d4517c67148f8c5f2680ee3081e5fa0932e9e93092c09ae60fe54606
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0a4830af55fb7faabcbe34e804d186959aac83e6832495817e0e62122d2748f
c6833034c22ea122d5e365fc8cb6d2cde5e168ee682798944ce628f9c0a52e87
c84423c305779f2aab07847a2e3870ac1ea4072e470d5eb149c01e0e0497eae3
cbbb3629a8efb7026b1e48398aea4ee7e591eec08c624dd4b55310d5f2d3c942
ce23e9bd148c1ef26ea15c555e8f627d34c7a6ebb6ba233cde216d08dd00181e
d01e11446aed060cd739f1803fe38f28445188ccc10e084544c1e5bfce8b830c
d09670b9b3493f97c909ebefda52b9bf5f765195c9d97e5c2901551e6959a7fe
d520596b5a8464b43fe9f4790488cca3d1bbd83bd57bbff0e1f1c8d95fd675b2
d723600c5797a14fc4ac75c9794e11ed5ad1f48977e6790cca55d73a572aca99
d96f45a776e954761a9a82ba55652a98a1c9035dd8655d4542f87e7dbecc9d07
da7bc3776c9c4a8ef782cc272131e1652d72557ac973324bcf7ea6978f8026f0
db48908c5b66d01fe1280e583421b633be2f2a203b3c8051b9c77ee2798f4525
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e852af87a6f3055d43b7a10c82f7b85a6ad764fe5d69b49295cae3a621c42b24
e85691933909d8e4619f847efb3cd19ff95e44b7c0641d369594a9424339fff8
e96a49139f15097f8de35a000a984898b8afb4b69e2e892d803247b3483060dd
ec61d172e16d5d1eb01666478b1b9b6525884445f2df2231331727719a82bf69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0012ac60deb9e2040351432947d290bab331c4bc51b72e3c2ea2a1b0bd46c24
f2fe8afbf06c3f9f3da7f323b7f43fddfd76cf6dc76ca6ce304562f4dace6188
f3ada64c3c0a93c06d82254e06750067bf2883fc7a9399b333c19284b11729d2
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
fa390cf848cd8c82359e611790570a04ca5a2725eccf6c477300c05392841424
fc346c8c4ce194b8376a805389b642c59913256dfedaaed3ae56f0a6299f86f2
fcd9480fa74caf3a135bfff109498e57636c4860dfebcba3e830074451569227
ff6610e2c87ef5151ab80f1b5e7f35cb831a9542e65265fb4151f1b87ab7a228

28bysamwood.com Open in urlscan Pro 54.253.82.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

190 Requests

89 %HTTPS

0 %IPv6

56 Domains

79 Subdomains

70 IPs

9 Countries

8987 kBTransfer

11863 kBSize

81 Cookies

16 Outgoing links

Page URL History

Redirected requests

190 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

28bysamwood.com Open in urlscan Pro
54.253.82.12 Public Scan

Screenshot
Live screenshot

Full Image

190
Requests

89 %
HTTPS

0 %
IPv6

56
Domains

79
Subdomains

70
IPs

9
Countries

8987 kB
Transfer

11863 kB
Size

81
Cookies

190 HTTP transactions
1 data transactions