news.itsblossom.com Open in urlscan Pro
2a04:4e42:200::311 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://news.itsblossom.com/
Effective URL:
https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Submission: On October 16 via api (October 16th 2024, 8:08:44 am UTC) from AU — Scanned from AU

Summary HTTP 391 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 102 IPs in 11 countries across 76 domains to perform 391 HTTP transactions. The main IP is 2a04:4e42:200::311, located in United States and belongs to FASTLY, US. The main domain is news.itsblossom.com. The Cisco Umbrella rank of the primary domain is 133762.
TLS certificate: Issued by R10 on August 23rd 2024. Valid for: 3 months.

This is the only time news.itsblossom.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2a04:4e42:200... 2a04:4e42:200::311	54113 (FASTLY) (FASTLY)
4	172.67.73.228 172.67.73.228	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2606:4700:10:... 2606:4700:10::6816:1795	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	172.67.31.188 172.67.31.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
4	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
4	108.158.30.125 108.158.30.125	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4006:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:227b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
1	2600:9000:221... 2600:9000:2212:f400:3:25e2:740:93a1	16509 (AMAZON-02) (AMAZON-02)
2	108.158.32.44 108.158.32.44	16509 (AMAZON-02) (AMAZON-02)
3	2406:2600:7:1... 2406:2600:7:100::1	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	103.253.24.65 103.253.24.65	6939 (HURRICANE) (HURRICANE)
4 5	54.71.61.99 54.71.61.99	16509 (AMAZON-02) (AMAZON-02)
1	18.67.93.18 18.67.93.18	16509 (AMAZON-02) (AMAZON-02)
1	34.168.25.131 34.168.25.131	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 3	3.218.235.254 3.218.235.254	14618 (AMAZON-AES) (AMAZON-AES)
9	198.211.110.247 198.211.110.247	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	67.199.150.87 67.199.150.87	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	2406:2600:7:1... 2406:2600:7:100::2a	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
8	89.149.193.113 89.149.193.113	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 7	51.79.154.29 51.79.154.29	16276 (OVH) (OVH)
1 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
22	2602:803:c006... 2602:803:c006:158::65	26667 (RUBICONPR...) (RUBICONPROJECT)
1	100.20.154.212 100.20.154.212	16509 (AMAZON-02) (AMAZON-02)
4 9	103.43.90.178 103.43.90.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.0.107.214 3.0.107.214	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	54.169.113.206 54.169.113.206	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:221... 2600:9000:2212:3600:e:8add:c340:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2406:2600:7:1... 2406:2600:7:100::9	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
2	2606:4700:20:... 2606:4700:20::681a:367	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.221.74 142.251.221.74	15169 (GOOGLE) (GOOGLE)
1	2600:9000:208... 2600:9000:2083:ac00:1:96ec:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:221... 2600:9000:2215:ce00:1a:7b6f:2940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:221... 2600:9000:2212:8200:e:8add:c340:93a1	16509 (AMAZON-02) (AMAZON-02)
5	35.92.206.26 35.92.206.26	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700:10:... 2606:4700:10::6816:445	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:221... 2600:9000:2212:c200:7:d444:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2404:6800:400... 2404:6800:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
17	2600:9000:221... 2600:9000:2212:9600:7:d444:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 6	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	108.158.32.16 108.158.32.16	16509 (AMAZON-02) (AMAZON-02)
5	108.158.35.170 108.158.35.170	16509 (AMAZON-02) (AMAZON-02)
1	13.35.147.103 13.35.147.103	16509 (AMAZON-02) (AMAZON-02)
1	23.198.52.22 23.198.52.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:35ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:277... 2600:9000:277a:800:14:3f07:afc0:93a1	16509 (AMAZON-02) (AMAZON-02)
11	2a04:4e42:4f:... 2a04:4e42:4f::820	54113 (FASTLY) (FASTLY)
3	108.158.20.100 108.158.20.100	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:10:... 2606:4700:10::6816:545	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.213.2.161 54.213.2.161	16509 (AMAZON-02) (AMAZON-02)
4	69.173.158.92 69.173.158.92	26667 (RUBICONPR...) (RUBICONPROJECT)
15	54.179.66.231 54.179.66.231	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:10:... 2606:4700:10::ac43:17ea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	34.209.246.226 34.209.246.226	16509 (AMAZON-02) (AMAZON-02)
6 6	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3 3	207.65.33.82 207.65.33.82	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 6	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
2 2	18.136.40.208 18.136.40.208	16509 (AMAZON-02) (AMAZON-02)
2 2	74.214.196.131 74.214.196.131	19189 (PULSEPOINT) (PULSEPOINT)
2 2	2607:f350:1:2... 2607:f350:1:2569:0:10:0:d	27630 (AS-XFERNET) (AS-XFERNET)
1	3.168.86.71 3.168.86.71	16509 (AMAZON-02) (AMAZON-02)
1	51.79.152.76 51.79.152.76	16276 (OVH) (OVH)
1	23.221.133.65 23.221.133.65	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	52.223.2.229 52.223.2.229	16509 (AMAZON-02) (AMAZON-02)
3 3	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5 5	131.153.206.100 131.153.206.100	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1 1	79.127.230.245 79.127.230.245	60068 (CDN77 _) (CDN77 _)
1	37.157.2.229 37.157.2.229	198622 (ADFORM) (ADFORM)
2 2	52.220.108.100 52.220.108.100	16509 (AMAZON-02) (AMAZON-02)
1 1	35.214.236.216 35.214.236.216	15169 (GOOGLE) (GOOGLE)
1 1	80.77.87.161 80.77.87.161	46636 (NATCOWEB) (NATCOWEB)
10 10	74.118.186.107 74.118.186.107	6336 (TURN-US-ASN) (TURN-US-ASN)
3 3	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
2 6	54.169.228.246 54.169.228.246	16509 (AMAZON-02) (AMAZON-02)
3 3	23.52.225.82 23.52.225.82	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.106.50.37 23.106.50.37	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
1	2404:6800:400... 2404:6800:4006:814::200e	15169 (GOOGLE) (GOOGLE)
4	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
2	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1	2404:6800:400... 2404:6800:4006:809::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
2	74.118.186.106 74.118.186.106	6336 (TURN-US-ASN) (TURN-US-ASN)
2	206.81.3.43 206.81.3.43	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
6 6	18.179.103.44 18.179.103.44	16509 (AMAZON-02) (AMAZON-02)
2 9	23.106.127.170 23.106.127.170	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
6 10	35.213.7.90 35.213.7.90	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800e... 2620:116:800e:21:6c50:dbee:bef5:203d	16509 (AMAZON-02) (AMAZON-02)
1 1	47.253.61.56 47.253.61.56	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	98.82.157.231 98.82.157.231	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4003:c0f::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4006:814::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.67.3 142.250.67.3	15169 (GOOGLE) (GOOGLE)
1	51.195.115.36 51.195.115.36	16276 (OVH) (OVH)
2	135.125.146.80 135.125.146.80	16276 (OVH) (OVH)
1	51.195.34.220 51.195.34.220	16276 (OVH) (OVH)
1	51.195.73.74 51.195.73.74	16276 (OVH) (OVH)
1	51.195.73.82 51.195.73.82	16276 (OVH) (OVH)
2	135.125.146.82 135.125.146.82	16276 (OVH) (OVH)
1	51.195.126.30 51.195.126.30	16276 (OVH) (OVH)
5	51.195.73.113 51.195.73.113	16276 (OVH) (OVH)
1	135.125.140.162 135.125.140.162	16276 (OVH) (OVH)
1	51.195.127.100 51.195.127.100	16276 (OVH) (OVH)
1	67.199.150.82 67.199.150.82	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
4 4	185.84.60.20 185.84.60.20	198622 (ADFORM) (ADFORM)
2 3	148.251.40.153 148.251.40.153	24940 (HETZNER-AS) (HETZNER-AS)
2 3	146.190.215.179 146.190.215.179	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	2a02:fa8:c411... 2a02:fa8:c411:13::1400	399104 (CNVR-APAC) (CNVR-APAC)
1 1	23.108.103.8 23.108.103.8	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD.)
4	44.229.114.113 44.229.114.113	16509 (AMAZON-02) (AMAZON-02)
1 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
6 7	67.205.171.186 67.205.171.186	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	34.36.216.150 34.36.216.150	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	80.77.87.108 80.77.87.108	46636 (NATCOWEB) (NATCOWEB)
1	13.35.147.54 13.35.147.54	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:277... 2600:9000:277c:f600:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:401... 2607:f8b0:4012:80a::2003	15169 (GOOGLE) (GOOGLE)
3	2600:1415:9c0... 2600:1415:9c00:6::1728:3475	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
391	102

2 2a04:4e42:200::311 (United States) 1 redirects

ASN54113 (FASTLY, US)

news.itsblossom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.73.228 (United States)

ASN13335 (CLOUDFLARENET, US)

gtrack.news.itsblossom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.news.itsblossom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700:10::6816:1795 (United States)

ASN13335 (CLOUDFLARENET, US)

posts-cdn.kueez.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.67.31.188 (United States)

ASN13335 (CLOUDFLARENET, US)

static-cdn.kueez.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kcdn.kueez.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
otrack.kueez.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80b::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.158.30.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-30-125.syd3.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:811::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:227b (United States)

ASN13335 (CLOUDFLARENET, US)

u.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2212:f400:3:25e2:740:93a1 (United States)

ASN16509 (AMAZON-02, US)

players.voltaxservices.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.158.32.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-44.syd3.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 103.253.24.65 (Singapore)

ASN6939 (HURRICANE, US)

shb.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.71.61.99 (Boardman, United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-61-99.us-west-2.compute.amazonaws.com

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-18.syd62.r.cloudfront.net

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.168.25.131 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.25.168.34.bc.googleusercontent.com

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.218.235.254 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-235-254.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 198.211.110.247 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

prebid.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 67.199.150.87 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2406:2600:7:100::2a (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 89.149.193.113 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.79.154.29 (Singapore, Singapore) 2 redirects

ASN16276 (OVH, FR)
PTR: ip29.ip-51-79-154.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2602:803:c006:158::65 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.20.154.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-100-20-154-212.us-west-2.compute.amazonaws.com

hb.minutemedia-prebid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 103.43.90.178 (Singapore, Singapore) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.0.107.214 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.169.113.206 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-113-206.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2212:3600:e:8add:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)

mp.mmvideocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2406:2600:7:100::9 (Japan) 1 redirects

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:367 (United States)

ASN13335 (CLOUDFLARENET, US)

events3.bqstreamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.74 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2083:ac00:1:96ec:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.voltaxservices.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2215:ce00:1a:7b6f:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)

factor-service.prod.voltaxservices.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2212:8200:e:8add:c340:93a1 (United States)

ASN16509 (AMAZON-02, US)

mp.mmvideocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.92.206.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-92-206-26.us-west-2.compute.amazonaws.com

pb-rtd-minutemedia.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb-ing-minutemedia.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2212:c200:7:d444:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

prediction.voltaxam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb.voltaxam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4006:80f::200a (Sydney, Australia)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:2212:9600:7:d444:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

rtb.voltaxam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.64.218 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
firstmedia2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.158.32.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-32-16.syd3.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 108.158.35.170 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-35-170.syd3.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-103.syd1.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.198.52.22 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-52-22.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:35ad (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.hadronid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:277a:800:14:3f07:afc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

images2.minutemediacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a04:4e42:4f::820 (United States)

ASN54113 (FASTLY, US)

vms-videos.minutemediaservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.158.20.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-20-100.syd62.r.cloudfront.net

selector.voltaxam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)

id.hadron.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
seg.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.213.2.161 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-2-161.us-west-2.compute.amazonaws.com

pb-ing-minutemedia.ccgateway.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.158.92 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.179.66.231 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proton.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.209.246.226 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-246-226.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 15.197.193.217 (Seattle, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
data.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.65.33.82 (United States) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore) 1 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.111.113.62 (Kansas City, United States) 4 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.167.98 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.136.40.208 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-40-208.ap-southeast-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.214.196.131 (Sunnyvale, United States) 2 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f350:1:2569:0:10:0:d (United States) 2 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.168.86.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-168-86-71.sfo5.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.152.76 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip76.ip-51-79-152.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.221.133.65 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-133-65.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.2.229 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.151.101 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 131.153.206.100 (United States) 5 redirects

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.127.230.245 (Singapore, Singapore) 1 redirects

ASN60068 (CDN77 _, GB)
PTR: unn-79-127-230-245.datapacket.com

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.229 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.220.108.100 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-108-100.ap-southeast-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.236.216 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 216.236.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.161 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 74.118.186.107 (Serangoon New Town, Singapore) 10 redirects

ASN6336 (TURN-US-ASN, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 50.116.239.135 (United States) 3 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 54.169.228.246 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.52.225.82 (Sydney, Australia) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-225-82.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.106.50.37 (Singapore, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:809::2006 (Sydney, Australia)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.118.186.106 (Serangoon New Town, Singapore)

ASN6336 (TURN-US-ASN, US)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 206.81.3.43 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

exchange.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.179.103.44 (Tokyo, Japan) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-103-44.ap-northeast-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.106.127.170 (Singapore, Singapore) 2 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 35.213.7.90 (Tokyo, Japan) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 90.7.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800e:21:6c50:dbee:bef5:203d (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.253.61.56 (United States) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

gw-iad-bid.ymmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.82.157.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-82-157-231.compute-1.amazonaws.com

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4003:c0f::9b (Singapore, Singapore)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.67.3 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.115.36 (France)

ASN16276 (OVH, FR)
PTR: ip36.ip-51-195-115.eu

d0.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.146.80 (Germany)

ASN16276 (OVH, FR)
PTR: ip80.ip-135-125-146.eu

d1.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d5.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.34.220 (Jordan)

ASN16276 (OVH, FR)
PTR: ip220.ip-51-195-34.eu

d2.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.74 (France)

ASN16276 (OVH, FR)
PTR: ip74.ip-51-195-73.eu

d3.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.73.82 (France)

ASN16276 (OVH, FR)
PTR: ip82.ip-51-195-73.eu

d4.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.125.146.82 (Germany)

ASN16276 (OVH, FR)
PTR: ip82.ip-135-125-146.eu

d5.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d2.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.126.30 (Germany)

ASN16276 (OVH, FR)
PTR: ip30.ip-51-195-126.eu

d6.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.195.73.113 (France)

ASN16276 (OVH, FR)
PTR: ip113.ip-51-195-73.eu

d7.eu-3-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d1.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d4.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d6.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d7.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.125.140.162 (France)

ASN16276 (OVH, FR)
PTR: ip162.ip-135-125-140.eu

d0.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.195.127.100 (Germany)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-195-127.eu

d3.eu-4-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.82 (Singapore, Singapore)

ASN3257 (GTT-BACKBONE GTT, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.84.60.20 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 148.251.40.153 (Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.153.40.251.148.clients.your-server.de

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.190.215.179 (North Bergen, United States) 2 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.cootlogix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:c411:13::1400 (Amsterdam, Netherlands) 2 redirects

ASN399104 (CNVR-APAC, US)

equativ-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.108.103.8 (Jurong Town, Singapore) 1 redirects

ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.229.114.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-229-114-113.us-west-2.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 67.205.171.186 (North Bergen, United States) 6 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.kueezrtb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.36.216.150 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 150.216.36.34.bc.googleusercontent.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.77.87.108 (Clifton, United States) 1 redirects

ASN46636 (NATCOWEB, US)

eexsync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.147.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-54.syd1.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:277c:f600:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4012:80a::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1415:9c00:6::1728:3475 (United States)

ASN20940 (AKAMAI-ASN1, NL)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	rubiconproject.com 2 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 492 prebid-server.rubiconproject.com — Cisco Umbrella Rank: 873 token.rubiconproject.com — Cisco Umbrella Rank: 486 eus.rubiconproject.com — Cisco Umbrella Rank: 600 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1473	20 KB
27	ad.gt 1 redirects a.ad.gt — Cisco Umbrella Rank: 1552 id.hadron.ad.gt — Cisco Umbrella Rank: 1450 p.ad.gt — Cisco Umbrella Rank: 1739 ids.ad.gt — Cisco Umbrella Rank: 1464 seg.ad.gt — Cisco Umbrella Rank: 1970 pixels.ad.gt — Cisco Umbrella Rank: 1626 proton.ad.gt — Cisco Umbrella Rank: 8121	27 KB
24	voltaxam.com prediction.voltaxam.com — Cisco Umbrella Rank: 12368 rtb.voltaxam.com — Cisco Umbrella Rank: 19815 selector.voltaxam.com — Cisco Umbrella Rank: 16071	16 KB
24	kueez.net posts-cdn.kueez.net — Cisco Umbrella Rank: 102017 static-cdn.kueez.net — Cisco Umbrella Rank: 113825 kcdn.kueez.net — Cisco Umbrella Rank: 118063 otrack.kueez.net — Cisco Umbrella Rank: 89737	884 KB
21	sharethrough.com 2 redirects btlr.sharethrough.com — Cisco Umbrella Rank: 955 match.sharethrough.com — Cisco Umbrella Rank: 521	12 KB
18	smartadserver.com 3 redirects prg.smartadserver.com — Cisco Umbrella Rank: 1960 ssbsync.smartadserver.com — Cisco Umbrella Rank: 748 rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739	19 KB
12	cootlogix.com prebid.cootlogix.com — Cisco Umbrella Rank: 5845 Failed sync.cootlogix.com — Cisco Umbrella Rank: 2225	11 KB
12	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215 cm.g.doubleclick.net — Cisco Umbrella Rank: 283 stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	185 KB
11	minutemediaservices.com vms-videos.minutemediaservices.com — Cisco Umbrella Rank: 19868	5 MB
11	bidswitch.net 6 redirects grid.bidswitch.net — Cisco Umbrella Rank: 1291 x.bidswitch.net — Cisco Umbrella Rank: 399	2 KB
11	richaudience.com shb.richaudience.com — Cisco Umbrella Rank: 4477 Failed sync.richaudience.com — Cisco Umbrella Rank: 1514	2 KB
11	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 345 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 651 aax.amazon-adsystem.com — Cisco Umbrella Rank: 457 s.amazon-adsystem.com — Cisco Umbrella Rank: 352	90 KB
10	openx.net 6 redirects rtb.openx.net — Cisco Umbrella Rank: 556 oajs.openx.net — Cisco Umbrella Rank: 2849 google-bidout-d.openx.net — Cisco Umbrella Rank: 2781 u.openx.net — Cisco Umbrella Rank: 743 firstmedia2-d.openx.net — Cisco Umbrella Rank: 403127 us-u.openx.net — Cisco Umbrella Rank: 516 eu-u.openx.net — Cisco Umbrella Rank: 3005	3 KB
10	kueezrtb.com 6 redirects u.kueezrtb.com — Cisco Umbrella Rank: 9323 exchange.kueezrtb.com — Cisco Umbrella Rank: 5600 Failed sync.kueezrtb.com — Cisco Umbrella Rank: 3461	11 KB
9	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 267 secure.adnxs.com — Cisco Umbrella Rank: 479	24 KB
9	pubmatic.com 3 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 480 image2.pubmatic.com — Cisco Umbrella Rank: 867 ads.pubmatic.com Failed image8.pubmatic.com — Cisco Umbrella Rank: 652	1 KB
9	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 774 ce.lijit.com — Cisco Umbrella Rank: 912	6 KB
8	eu-4-id5-sync.com d0.eu-4-id5-sync.com — Cisco Umbrella Rank: 63349 d1.eu-4-id5-sync.com — Cisco Umbrella Rank: 62967 d2.eu-4-id5-sync.com — Cisco Umbrella Rank: 63146 d3.eu-4-id5-sync.com — Cisco Umbrella Rank: 63135 d4.eu-4-id5-sync.com — Cisco Umbrella Rank: 63153 d5.eu-4-id5-sync.com — Cisco Umbrella Rank: 63001 d6.eu-4-id5-sync.com — Cisco Umbrella Rank: 62486 d7.eu-4-id5-sync.com — Cisco Umbrella Rank: 62668	1 KB
8	eu-3-id5-sync.com d0.eu-3-id5-sync.com — Cisco Umbrella Rank: 63134 d1.eu-3-id5-sync.com — Cisco Umbrella Rank: 62485 d2.eu-3-id5-sync.com — Cisco Umbrella Rank: 62650 d3.eu-3-id5-sync.com — Cisco Umbrella Rank: 62893 d4.eu-3-id5-sync.com — Cisco Umbrella Rank: 62772 d5.eu-3-id5-sync.com — Cisco Umbrella Rank: 62739 d6.eu-3-id5-sync.com — Cisco Umbrella Rank: 62570 d7.eu-3-id5-sync.com — Cisco Umbrella Rank: 62540	1 KB
8	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 691	3 KB
7	1rx.io 7 redirects sync.1rx.io — Cisco Umbrella Rank: 503	4 KB
7	ccgateway.net pb-rtd-minutemedia.ccgateway.net — Cisco Umbrella Rank: 12801 pb-ing-minutemedia.ccgateway.net — Cisco Umbrella Rank: 11342	2 KB
7	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 745 gum.criteo.com — Cisco Umbrella Rank: 461 mug.criteo.com — Cisco Umbrella Rank: 3626	2 KB
6	bidr.io 6 redirects match.prod.bidr.io — Cisco Umbrella Rank: 598	3 KB
6	adsrvr.org 6 redirects match.adsrvr.org — Cisco Umbrella Rank: 373 data.adsrvr.org — Cisco Umbrella Rank: 5968	5 KB
6	itsblossom.com 1 redirects news.itsblossom.com — Cisco Umbrella Rank: 133762 gtrack.news.itsblossom.com — Cisco Umbrella Rank: 204401 track.news.itsblossom.com — Cisco Umbrella Rank: 225587	33 KB
5	unrulymedia.com 3 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1136 targeting.unrulymedia.com — Cisco Umbrella Rank: 827	2 KB
5	adform.net 4 redirects cm.adform.net — Cisco Umbrella Rank: 1528 c1.adform.net — Cisco Umbrella Rank: 604	3 KB
5	a-mo.net 5 redirects prebid.a-mo.net — Cisco Umbrella Rank: 777	3 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 994 id5-sync.com — Cisco Umbrella Rank: 522	32 KB
5	3lift.com 3 redirects tlx.3lift.com — Cisco Umbrella Rank: 535 eb2.3lift.com — Cisco Umbrella Rank: 415	3 KB
5	gstatic.com fonts.gstatic.com csi.gstatic.com	102 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30 imasdk.googleapis.com — Cisco Umbrella Rank: 501	150 KB
4	tapad.com 4 redirects pixel.tapad.com — Cisco Umbrella Rank: 446	1 KB
4	media.net 3 redirects prebid.media.net — Cisco Umbrella Rank: 986 cs.media.net — Cisco Umbrella Rank: 1030	2 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1011 bcp.crwdcntrl.net — Cisco Umbrella Rank: 976 sync.crwdcntrl.net — Cisco Umbrella Rank: 891	27 KB
4	voltaxservices.io players.voltaxservices.io — Cisco Umbrella Rank: 20305 content.voltaxservices.io — Cisco Umbrella Rank: 22208 factor-service.prod.voltaxservices.io — Cisco Umbrella Rank: 11261	12 KB
3	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 482	34 KB
3	turn.com 3 redirects ad.turn.com — Cisco Umbrella Rank: 928	1 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 506 ssum.casalemedia.com — Cisco Umbrella Rank: 1555	2 KB
3	mmvideocdn.com mp.mmvideocdn.com — Cisco Umbrella Rank: 10633	689 KB
3	disqus.com 1 redirects ssp.disqus.com — Cisco Umbrella Rank: 1426	705 B
3	criteo.net static.criteo.net — Cisco Umbrella Rank: 776	44 KB
2	sitescout.com 2 redirects pixel-sync.sitescout.com — Cisco Umbrella Rank: 661	1017 B
2	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 780	688 B
2	dotomi.com 2 redirects equativ-match.dotomi.com — Cisco Umbrella Rank: 3534	609 B
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 917	603 B
2	yieldmo.com 2 redirects ads.yieldmo.com — Cisco Umbrella Rank: 559	1 KB
2	sonobi.com 2 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 922	1 KB
2	contextweb.com 2 redirects bh.contextweb.com — Cisco Umbrella Rank: 541	2 KB
2	360yield.com 2 redirects ad.360yield.com — Cisco Umbrella Rank: 734	725 B
2	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 5989 api.rlcdn.com Failed check.analytics.rlcdn.com — Cisco Umbrella Rank: 2944	37 KB
2	bqstreamer.com events3.bqstreamer.com — Cisco Umbrella Rank: 10549	680 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	185 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 582	455 B
1	eexsync.com 1 redirects eexsync.com — Cisco Umbrella Rank: 4623	491 B
1	admixer.net 1 redirects inv-nets.admixer.net — Cisco Umbrella Rank: 2479	578 B
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 31402	63 B
1	google.com analytics.google.com — Cisco Umbrella Rank: 147
1	ymmobi.com 1 redirects gw-iad-bid.ymmobi.com — Cisco Umbrella Rank: 1660	429 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 839	366 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116	14 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 364	17 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34	21 KB
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1012	604 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 857	290 B
1	a-mx.com 1 redirects id.a-mx.com — Cisco Umbrella Rank: 1613	1 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1904	627 B
1	minutemediacdn.com images2.minutemediacdn.com — Cisco Umbrella Rank: 15491	96 KB
1	hadronid.net cdn.hadronid.net — Cisco Umbrella Rank: 1601	12 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1096	17 KB
1	minutemedia-prebid.com hb.minutemedia-prebid.com — Cisco Umbrella Rank: 3523	475 B
1	omnitagjs.com hb-api.omnitagjs.com — Cisco Umbrella Rank: 4000	1 KB
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 1567	630 B
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2261	8 KB
0	mediarithmics.com Failed cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 4562 Failed
391	76

	Domain	Requested by
22	fastlane.rubiconproject.com	static-cdn.kueez.net
19	rtb.voltaxam.com	mp.mmvideocdn.com news.itsblossom.com
15	btlr.sharethrough.com	mp.mmvideocdn.com
13	posts-cdn.kueez.net	news.itsblossom.com
12	ids.ad.gt	1 redirects news.itsblossom.com
11	vms-videos.minutemediaservices.com	mp.mmvideocdn.com news.itsblossom.com
10	x.bidswitch.net	6 redirects news.itsblossom.com
9	rtb-csync.smartadserver.com	2 redirects news.itsblossom.com
9	prebid.cootlogix.com	static-cdn.kueez.net mp.mmvideocdn.com
8	onetag-sys.com	2 redirects static-cdn.kueez.net mp.mmvideocdn.com
8	prg.smartadserver.com	static-cdn.kueez.net mp.mmvideocdn.com
8	shb.richaudience.com	static-cdn.kueez.net
7	sync.kueezrtb.com	6 redirects news.itsblossom.com
7	sync.1rx.io	7 redirects
6	match.prod.bidr.io	6 redirects
6	match.sharethrough.com	2 redirects news.itsblossom.com
6	cm.g.doubleclick.net	4 redirects news.itsblossom.com
6	pb-ing-minutemedia.ccgateway.net	mp.mmvideocdn.com
6	ib.adnxs.com	1 redirects static-cdn.kueez.net mp.mmvideocdn.com
6	static-cdn.kueez.net	news.itsblossom.com
5	prebid.a-mo.net	5 redirects
5	match.adsrvr.org	5 redirects
5	p.ad.gt	a.ad.gt p.ad.gt
5	aax.amazon-adsystem.com	c.amazon-adsystem.com news.itsblossom.com
5	hbopenbid.pubmatic.com	static-cdn.kueez.net mp.mmvideocdn.com
5	ap.lijit.com	4 redirects static-cdn.kueez.net
4	ce.lijit.com	news.itsblossom.com
4	c1.adform.net	4 redirects
4	id5-sync.com	cdn.id5-sync.com mp.mmvideocdn.com
4	eb2.3lift.com	3 redirects news.itsblossom.com
4	pixel.tapad.com	4 redirects
4	prebid-server.rubiconproject.com	mp.mmvideocdn.com
4	gum.criteo.com	1 redirects static.criteo.net
4	c.amazon-adsystem.com	news.itsblossom.com mp.mmvideocdn.com c.amazon-adsystem.com
4	securepubads.g.doubleclick.net	news.itsblossom.com securepubads.g.doubleclick.net imasdk.googleapis.com
4	kcdn.kueez.net	news.itsblossom.com kcdn.kueez.net
3	m.media-amazon.com	news.itsblossom.com
3	sync.cootlogix.com	2 redirects news.itsblossom.com
3	sync.richaudience.com	2 redirects news.itsblossom.com
3	seg.ad.gt	p.ad.gt
3	cs.media.net	3 redirects
3	sync.targeting.unrulymedia.com	3 redirects
3	ad.turn.com	3 redirects
3	image2.pubmatic.com	3 redirects
3	secure.adnxs.com	3 redirects
3	id.hadron.ad.gt	cdn.hadronid.net mp.mmvideocdn.com
3	selector.voltaxam.com	mp.mmvideocdn.com
3	mp.mmvideocdn.com	players.voltaxservices.io mp.mmvideocdn.com
3	ssp.disqus.com	1 redirects static-cdn.kueez.net news.itsblossom.com
3	static.criteo.net	securepubads.g.doubleclick.net static-cdn.kueez.net static.criteo.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	news.itsblossom.com mp.mmvideocdn.com
2	csi.gstatic.com	imasdk.googleapis.com
2	pixel-sync.sitescout.com	2 redirects
2	sync-tm.everesttech.net	1 redirects news.itsblossom.com
2	equativ-match.dotomi.com	2 redirects
2	mug.criteo.com	news.itsblossom.com
2	targeting.unrulymedia.com	mp.mmvideocdn.com
2	lb.eu-1-id5-sync.com	cdn.id5-sync.com mp.mmvideocdn.com
2	u.openx.net	2 redirects
2	ads.yieldmo.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	sync.go.sonobi.com	2 redirects
2	bh.contextweb.com	2 redirects
2	ad.360yield.com	2 redirects
2	imasdk.googleapis.com	mp.mmvideocdn.com imasdk.googleapis.com
2	prediction.voltaxam.com	mp.mmvideocdn.com
2	a.ad.gt	news.itsblossom.com p.ad.gt
2	factor-service.prod.voltaxservices.io	mp.mmvideocdn.com
2	events3.bqstreamer.com	mp.mmvideocdn.com
2	oajs.openx.net	1 redirects news.itsblossom.com
2	exchange.kueezrtb.com	static-cdn.kueez.net mp.mmvideocdn.com
2	rtb.openx.net	1 redirects static-cdn.kueez.net
2	tags.crwdcntrl.net	securepubads.g.doubleclick.net news.itsblossom.com
2	www.googletagmanager.com	news.itsblossom.com p.ad.gt
2	track.news.itsblossom.com	news.itsblossom.com
2	gtrack.news.itsblossom.com	news.itsblossom.com
2	news.itsblossom.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	eu-u.openx.net	1 redirects
1	check.analytics.rlcdn.com	mp.mmvideocdn.com
1	eexsync.com	1 redirects
1	data.adsrvr.org	1 redirects
1	sync.crwdcntrl.net	1 redirects
1	us-u.openx.net	news.itsblossom.com
1	firstmedia2-d.openx.net	1 redirects
1	pixel-us-east.rubiconproject.com	1 redirects
1	inv-nets.admixer.net	1 redirects
1	image8.pubmatic.com	news.itsblossom.com
1	d7.eu-4-id5-sync.com	cdn.id5-sync.com
1	d6.eu-4-id5-sync.com	cdn.id5-sync.com
1	d5.eu-4-id5-sync.com	cdn.id5-sync.com
1	d4.eu-4-id5-sync.com	cdn.id5-sync.com
1	d3.eu-4-id5-sync.com	cdn.id5-sync.com
1	d2.eu-4-id5-sync.com	cdn.id5-sync.com
1	d1.eu-4-id5-sync.com	cdn.id5-sync.com
1	d0.eu-4-id5-sync.com	cdn.id5-sync.com
1	d7.eu-3-id5-sync.com	cdn.id5-sync.com
1	d6.eu-3-id5-sync.com	cdn.id5-sync.com
1	d5.eu-3-id5-sync.com	cdn.id5-sync.com
1	d4.eu-3-id5-sync.com	cdn.id5-sync.com
1	d3.eu-3-id5-sync.com	cdn.id5-sync.com
1	d2.eu-3-id5-sync.com	cdn.id5-sync.com
1	d1.eu-3-id5-sync.com	cdn.id5-sync.com
1	d0.eu-3-id5-sync.com	cdn.id5-sync.com
1	proton.ad.gt	p.ad.gt
1	www.google.com.au	news.itsblossom.com
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	s.amazon-adsystem.com	news.itsblossom.com
1	gw-iad-bid.ymmobi.com	1 redirects
1	cms.quantserve.com	1 redirects
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	s0.2mdn.net	imasdk.googleapis.com
1	pixels.ad.gt	p.ad.gt
1	www.google-analytics.com	p.ad.gt
1	ssbsync.smartadserver.com	1 redirects
1	cs.admanmedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	cm.adform.net	news.itsblossom.com
1	id.a-mx.com	1 redirects
1	ssum.casalemedia.com	1 redirects
1	eus.rubiconproject.com	mp.mmvideocdn.com
1	geo.privacymanager.io	ats.rlcdn.com
1	token.rubiconproject.com	1 redirects
1	images2.minutemediacdn.com	news.itsblossom.com
1	cdn.id5-sync.com	news.itsblossom.com
1	cdn.hadronid.net	news.itsblossom.com
1	secure.cdn.fastclick.net	news.itsblossom.com
1	ats.rlcdn.com	news.itsblossom.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	pb-rtd-minutemedia.ccgateway.net	mp.mmvideocdn.com
1	content.voltaxservices.io	mp.mmvideocdn.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	bidder.criteo.com	static-cdn.kueez.net
1	tlx.3lift.com	static-cdn.kueez.net
1	hb.minutemedia-prebid.com	static-cdn.kueez.net
1	grid.bidswitch.net	static-cdn.kueez.net
1	prebid.media.net	static-cdn.kueez.net
1	hb-api.omnitagjs.com	static-cdn.kueez.net
1	hb.yellowblue.io	static-cdn.kueez.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	players.voltaxservices.io	static-cdn.kueez.net
1	otrack.kueez.net	news.itsblossom.com
1	u.kueezrtb.com	static-cdn.kueez.net
0	cookie-matching.mediarithmics.com Failed
0	api.rlcdn.com Failed	mp.mmvideocdn.com
0	ads.pubmatic.com Failed	news.itsblossom.com
391	150

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
imgur.com
www.reddit.com
www.youtube.com
weare.kueez.com

Subject Issuer	Validity	Valid
news.itsblossom.com R10	`2024-08-23` - `2024-11-21`	3 months	crt.sh
gtrack.news.itsblossom.com E5	`2024-08-22` - `2024-11-20`	3 months	crt.sh
track.news.itsblossom.com E5	`2024-08-22` - `2024-11-20`	3 months	crt.sh
posts-cdn.kueez.net WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
kueez.net E5	`2024-09-09` - `2024-12-08`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
kueezrtb.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.voltaxservices.io Amazon RSA 2048 M03	`2023-12-27` - `2025-01-25`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2024-09-07` - `2025-10-07`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-21`	3 months	crt.sh
oa.openxcdn.net WR3	`2024-09-16` - `2024-12-15`	3 months	crt.sh
*.richaudience.com RapidSSL TLS RSA CA G1	`2024-02-14` - `2025-02-25`	a year	crt.sh
*.lijit.com Amazon RSA 2048 M03	`2024-09-18` - `2025-10-18`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M03	`2024-03-18` - `2025-04-16`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2024-07-02` - `2025-08-01`	a year	crt.sh
ssp.disqus.com Amazon RSA 2048 M02	`2024-09-19` - `2025-10-17`	a year	crt.sh
*.cootlogix.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-19` - `2024-11-17`	a year	crt.sh
prebid.media.net WR3	`2024-10-05` - `2025-01-03`	3 months	crt.sh
*.pubmatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-19` - `2025-04-19`	a year	crt.sh
*.bidswitch.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-23` - `2024-12-21`	3 months	crt.sh
*.smartadserver.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-17` - `2025-01-16`	a year	crt.sh
*.onetag-sys.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-01-23` - `2025-01-29`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2024-08-14` - `2025-08-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-30` - `2025-04-03`	8 months	crt.sh
*.minutemedia-prebid.com Amazon ECDSA 256 M02	`2024-03-18` - `2025-04-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2024-03-13` - `2025-04-11`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
mp.mmvideocdn.com Amazon RSA 2048 M02	`2024-03-27` - `2025-04-25`	a year	crt.sh
bqstreamer.com WE1	`2024-08-28` - `2024-11-26`	3 months	crt.sh
orchestration-service.prod.voltaxservices.io Amazon RSA 2048 M02	`2024-02-29` - `2025-03-30`	a year	crt.sh
factor-service.prod.voltaxservices.io Amazon RSA 2048 M03	`2024-03-26` - `2025-04-24`	a year	crt.sh
ccgateway.net E5	`2024-08-07` - `2024-11-05`	3 months	crt.sh
a.ad.gt WE1	`2024-10-05` - `2025-01-03`	3 months	crt.sh
mm-ssp.voltaxam.com Amazon RSA 2048 M02	`2024-09-30` - `2025-10-29`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-06` - `2025-03-05`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2024-08-07` - `2025-08-07`	a year	crt.sh
hadronid.net WE1	`2024-09-24` - `2024-12-23`	3 months	crt.sh
id5-sync.com WE1	`2024-09-30` - `2024-12-29`	3 months	crt.sh
images.mmctsvc.com Amazon RSA 2048 M02	`2024-04-02` - `2025-05-01`	a year	crt.sh
vms-videos.minutemediaservices.com R11	`2024-09-13` - `2024-12-12`	3 months	crt.sh
*.voltaxam.com Amazon RSA 2048 M03	`2024-04-11` - `2025-05-10`	a year	crt.sh
id.hadron.ad.gt WE1	`2024-09-20` - `2024-12-19`	3 months	crt.sh
*.sharethrough.com DigiCert Global G3 TLS ECC SHA384 2020 CA1	`2024-07-15` - `2025-08-15`	a year	crt.sh
p.ad.gt WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.ad.gt Amazon RSA 2048 M02	`2024-03-10` - `2025-04-08`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M03	`2024-06-26` - `2025-07-24`	a year	crt.sh
seg.ad.gt WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
pixels.ad.gt WE1	`2024-09-05` - `2024-12-04`	3 months	crt.sh
*.id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.eu-1-id5-sync.com R10	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-30` - `2025-05-31`	a year	crt.sh
*.kueezrtb.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-05` - `2025-09-14`	a year	crt.sh
s.amazon-adsystem.com Amazon RSA 2048 M01	`2024-04-24` - `2025-04-17`	a year	crt.sh
*.google.com WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
*.google.com.au WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
proton.ad.gt WE1	`2024-09-07` - `2024-12-06`	3 months	crt.sh
*.eu-3-id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
*.eu-4-id5-sync.com E5	`2024-09-01` - `2024-11-30`	3 months	crt.sh
analytics.rlcdn.com Amazon RSA 2048 M02	`2024-05-26` - `2025-06-24`	a year	crt.sh
m.media-amazon.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-03` - `2025-07-05`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Frame ID: BCCCF5335F03DDAB9EE37C7BE11C8BA0
Requests: 335 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: D3A6920DBD29B4CF3CF60B48A413034A
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.itsblossom.com
Frame ID: 530E1FF298400F98D8D7B172A41E6DFF
Requests: 1 HTTP requests in this frame

Frame: https://mp.mmvideocdn.com/mini-player/scripts/voltax_mp_bridge.html
Frame ID: 6F5C108E31E24712FA00F4A011ED2B7C
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 2FAA6E9AED48007902D4595CECB28368
Requests: 36 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 87A6DDE9388E0CD03B1B438C1AE7FAD2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7e42d776fe3e25a&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: C839724230AAC978D0B045FCED15F107
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=minute_media_01&endpoint=us-west
Frame ID: 645389AD26001D4A13074FD1907D18BA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.672.0_en.html
Frame ID: A860D55A75F9524EAE50F7120C591E96
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FBE47FD06D457C2400D7DD62261C2D11
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-FVWZ0RM4DH&gacid=422910039.1729066114&gtm=45je4ae0v9116367008za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823848&z=1037383086
Frame ID: 4436FFB30BD51061E7688DD741C542D0
Requests: 1 HTTP requests in this frame

Frame: https://proton.ad.gt/join-ad-interest-groups.html
Frame ID: B3782A2C76F5C47F51475A5198F21D2B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.itsblossom.com
Frame ID: B87A9F8FA9553C1344702DDD622BCAFC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Life Hacks to Tackle Those Everyday Irritations | ItsBlossom

Page URL History Show full URLs

http://news.itsblossom.com/ HTTP 307
https://news.itsblossom.com/ HTTP 302
https://news.itsblossom.com/en/sDzHSexkMOasgP8f Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

391
Requests

68 %
HTTPS

28 %
IPv6

76
Domains

150
Subdomains

102
IPs

11
Countries

7645 kB
Transfer

14546 kB
Size

161
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/kueez.official/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kueezcom/

Search URL Search Domain Scan URL

URL: https://imgur.com/hSupk21
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/br86td/use_bobby_pins_to_untie_stubborn_shoelaces/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=BYMqrgbvuqM&t=49s
Title: youtube.com

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/pics/comments/bvvwyc/my_dog_rolo_has_always_been_a_messy_drinker_my/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/mildlyinteresting/comments/77g2hu/someone_at_my_work_created_a_clock_out_of_two/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/gallery/ZbUP9u3
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/nh7m47/you_can_connect_two_ziplock_bags_by_flipping_one/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/gallery/bxQ5N
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/mildlyinteresting/comments/93y6m6/my_grandpa_uses_the_actual_hardware_for_labeling/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/facepalm/comments/hsdb6z/how_to_defeat_customer_service/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/gallery/0qbrrLZ
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/cefvtc/changed_the_one_ear_phone_rubber_to_black_black/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/gallery/oztNO
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/pcmasterrace/comments/666nw5/simple_cable_management_method/?ref=readnext
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/gallery/KBGG0lR
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/hmmm/comments/7usiib/hmmm/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/funny/comments/8xkayk/grandma_do_you_have_some_rice_that_i_can_put_my/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/drzw0x/need_tweezers_in_a_pinch/?ref=share&ref_source=embed
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/pics/comments/ib2b19/my_dads_t_got_splattered_with_bleach_he_decided/?ref=share&ref_source=embed
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/4aDUHWX
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/ib45zx/instead_of_buying_those_cheap_plastic_chair_mats/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/dai6mh/hackerman/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/pics/comments/fq6ols/sewing_a_button_to_a_headband_to_keep_masks_from/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/gallery/l7ALStK
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/aww/comments/gpuxt2/this_gentleman_at_target_who_reversed_his_hooded/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/i4iaen/making_one_of_these_this_weekend/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/87fodt/to_remove_strong_adhesive_labels_from_plastic/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/lifehacks/comments/nm57rr/if_youre_like_me_and_have_a_broken_laptop_hinge/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://imgur.com/uOBY31m
Title: Imgur

Search URL Search Domain Scan URL

URL: https://imgur.com/9gJ8qGl
Title: Imgur

Search URL Search Domain Scan URL

URL: https://www.reddit.com/r/mildlyinteresting/comments/fipv5g/this_bra_used_to_protect_a_horses_infected_eye/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://weare.kueez.com/brands/#itsblossom-v3
Title: About

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://news.itsblossom.com/ HTTP 307
https://news.itsblossom.com/ HTTP 302
https://news.itsblossom.com/en/sDzHSexkMOasgP8f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 160

https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rid=esp&cc=1

Request Chain 218

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&adnxs_id=$UID&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&adnxs_id=1470867526730679273&gdpr=0

Request Chain 219

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729066113-RW8U20VP-7TQL&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729066113-RW8U20VP-7TQL&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=d001ba32-7b2e-44c7-9ae9-462456187448&id=AU1D-0100-001729066113-RW8U20VP-7TQL

Request Chain 220

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729066113-RW8U20VP-7TQL HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729066113-RW8U20VP-7TQL HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=07C8E0F4-267D-4F22-8720-365BFFCD3A57&id=AU1D-0100-001729066113-RW8U20VP-7TQL

Request Chain 221

https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729066113-RW8U20VP-7TQL&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&rub=M2BLBIAL-A-9ZFL&gdpr=0

Request Chain 222

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729066113-RW8U20VP-7TQL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729066113-RW8U20VP-7TQL%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729066113-RW8U20VP-7TQL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729066113-RW8U20VP-7TQL%26tapad_id%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=198cd94c-4256-4cca-a638-2ca68b26c2d0%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fid%25253DAU1D-0100-001729066113-RW8U20VP-7TQL%252526tapad_id%25253D198cd94c-4256-4cca-a638-2ca68b26c2d0%252C&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d001ba32-7b2e-44c7-9ae9-462456187448&ttd_puid=198cd94c-4256-4cca-a638-2ca68b26c2d0%2Chttps%253A%252F%252Fids.ad.gt%252Fapi%252Fv1%252Ftapad_match%253Fid%253DAU1D-0100-001729066113-RW8U20VP-7TQL%2526tapad_id%253D198cd94c-4256-4cca-a638-2ca68b26c2d0%2C HTTP 302
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&tapad_id=198cd94c-4256-4cca-a638-2ca68b26c2d0

Request Chain 223

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729066113-RW8U20VP-7TQL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001729066113-RW8U20VP-7TQL&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&google_gid=CAESEPclGzx7E95ezIx2GyqImAg&google_cver=1&google_ula=450542624,0

Request Chain 224

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729066113-RW8U20VP-7TQL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTA2NjExMy1SVzhVMjBWUC03VFFM

Request Chain 225

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729066113-RW8U20VP-7TQL%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729066113-RW8U20VP-7TQL%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&impr_uid=5d4f086c-6050-4cda-898d-8387d833bbd1

Request Chain 226

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729066113-RW8U20VP-7TQL HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=8TwRbhWzax86&ev=1&pid=562316&id=AU1D-0100-001729066113-RW8U20VP-7TQL

Request Chain 227

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&uid=[UID]&gdpr=0 HTTP 302
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&uid=b6973e9b-cda6-4cd5-bd07-3def60a671fe&gdpr=0

Request Chain 231

https://secure.adnxs.com/getuid?https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&xandr_uid=$UID&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&xandr_uid=1470867526730679273&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 232

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26triplelift_uid%3D$UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26triplelift_uid%3D%24UID HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&triplelift_uid=2099701292308855099479

Request Chain 233

https://sync.go.sonobi.com/us?gdpr=0&consent_string=&us_privacy=&loc=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26sonobi_uid%3D%5BUID%5D HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sonobi_uid=ac4939f3-47c1-48d8-86d5-07e973bce8d9

Request Chain 234

https://image8.pubmatic.com/AdServer/ImgSync?p=163062&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D163062%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frtb.voltaxam.com%252FcookieSync%253FvoltaxRTBUserID%253D01jaa5y5y97rtgk9sbswv6agp1%2526pubmatic_uid%253D%2523PMUID%2526redir2%253Dtrue HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDdDOEUwRjQtMjY3RC00RjIyLTg3MjAtMzY1QkZGQ0QzQTU3&gdpr=0&gdpr_consent=&google_cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKylfIG6Hy7AxOmL-phcKJQ&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B8jg9CZ9TyKHIDZb_806Vw%3D%3D&gdpr=0&gdpr_consent=&google_cm HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEI_uuyqyEWEOfhQo6IH-bkE&google_cver=1

Request Chain 235

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26sovrn_uid%3D%24UID HTTP 307
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sovrn_uid=JgUoABZHn8BW5yWCRZSYn8WU

Request Chain 236

https://ssum-sec.casalemedia.com/usermatchredir?s=196326&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26ix_uid%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26ix_uid%3D&gdpr=0&gdpr_consent=&s=196326&us_privacy=&C=1 HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&ix_uid=Zw90gosFVUMAAAXTAFxpVQAA%264747

Request Chain 237

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26adaptmx_uid%3D HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
https://prebid.a-mo.net/cchain/0/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=appnexus&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%3D%3D&uid=1470867526730679273 HTTP 302
https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D%24%7BUID%7D HTTP 302
https://prebid.a-mo.net/cchain/1/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=openx&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%3D%3D&uid=a21a459e-c9f5-460b-aa96-2933c0ee1f96 HTTP 302
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/2/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=index_rtb&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%3D%3D&uid=Zw90gosFVUMAAAXTAFxpVQAA%264747 HTTP 302
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D HTTP 302
https://prebid.a-mo.net/cchain/4/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=amx_com&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%3D%3D&uid=555df71d-e616-4de5-b020-53af6b59a098 HTTP 302
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D%24UID

Request Chain 238

https://ads.yieldmo.com/pbsync?is=MMED_Voltax&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26yieldmo_uid%3D%24UID HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&yieldmo_uid=VeyIvMM6r5MpMECoCAq9&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 239

https://csync.loopme.me/?pubid=11586&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26loopme_uid%3D%7Bviewer_token%7D HTTP 307
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&loopme_uid=577f409b-003d-450c-a2e8-f945e76bfeae&us_privacy=null&gdpr_consent=null&gdpr=0

Request Chain 240

https://cs.admanmedia.com/sync/minute_media?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26acuityads_uid%3D%5BUID%5D HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&acuityads_uid=4fe2a539-ff2a-4cb8-8f56-2bacc1417a2c

Request Chain 241

https://sync.1rx.io/usersync2/rmpssp?sub=sportority&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26unruly_uid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&zcc=1&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26unruly_uid%3D%5BRX_UUID%5D&cb=1729066115819 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-9e7e8cfc-6966-4f81-bc8c-0aa35b2403bc-004&rndcb=3152199219 HTTP 302
https://sync.1rx.io/usersync/turn/2423178748706267666?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D175kELn9xvfXoe3C4qjRaWS8%26source_user_id%3DRX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

Request Chain 242

https://u.openx.net/w/1.0/cm?id=6667519e-f89c-40a7-9fb6-e7217998098f&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26openx_uid%3D%7BOPENX_ID%7D%20 HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&openx_uid=4d6d2dac-987f-4417-9371-85fb5ac417c3

Request Chain 243

https://cs.media.net/cksync.php?cs=81&type=vol&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26medianet_uid%3D%3Cvsid%3E HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&medianet_uid=3720677159035665000V10

Request Chain 244

https://ssbsync.smartadserver.com/api/sync?callerId=129&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26smartadserver_uid%3D%5Bssb_sync_pid%5D HTTP 302
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&smartadserver_uid=5626527542043584697

Request Chain 280

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.itsblossom.com%2F&domain=news.itsblossom.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=nlZryXxMVWVpS2NCOVR2ZGxXNXUxZHZ5OGF5U0JtdTJqaWFoYm1OVWhmRmdxMW9ZS0xaZEw0Z2xKUjB4TWRWT2UxeVczSUpmdnVhdUFmZzRFSldiRXpaMFVCa29sSWkzbTkramZ0YlE2bmpmOEkza0V0aGc2VGdvRmxmbElMT2FWZExkUjFQKzFzVFBoUzdnNWg0V29WSUwrYU1IOHF1b1gyNG5wbUhaOUFqc1ZsTUNPYUdUaHA4dEtRamQ2SGpBckxwaVVkczdkZzFEa2tkVUR1dFRkRkhhK1J3a1p2cUxBQzZ4UWQ1Z1JZUStIUEJPZTRBRVNqQ2lEOUtkRzV1cThQa0x1Z2ozdmF2ZHNoSDdGczltcVA0V3VqS2g2cXlmNHZGYXdXM3RUd29HcmhOOVN1emtsV2g3bHZycVp6cSsrdmhXMzg2aTFta1EzRmFHRGQxM1QxcGQwRWc9PXw&cppv=2

Request Chain 284

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=

Request Chain 285

https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent= HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCNmJVN09IdWtBQUJTNzl1SHVQZw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB6bU7OHukAABS79uHuPg&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Csas%252Cshr%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?ev=AAB6bU7OHukAABS79uHuPg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB6bU7OHukAABS79uHuPg&pid=558502&do=add&gdpr=0 HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAB6bU7OHukAABS79uHuPg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5626527542043584697&gdpr=0&gdpr_consent= HTTP 303
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB6bU7OHukAABS79uHuPg&gdpr=0

Request Chain 286

https://onetag-sys.com/usync/?tag=img HTTP 302
https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=&user_id= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=&gdpr_consent=&user_id= HTTP 302
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&&user_id=vUt8jbxIdNmmH3qJuEth2-keeYqmHX-N6kheZ8ef

Request Chain 287

https://x.bidswitch.net/sync?ssp=sharethrough&user_id=00f043ca-a8c6-454f-b1b3-ba1fd54c4479&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365 HTTP 302
https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=&bidswitch_ssp_id=sharethrough&bsw_custom_parameter=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&callback=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D257 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&ssp=sharethrough&user_id=ym_user_d9ffee93-844b-4db6-ae1c-276ef2f9226c&bsw_param=0ff9aa47-d50f-4262-a58b-d5a3a194edbc

Request Chain 288

https://sync.1rx.io/usersync2/rmpssp?sub=sharethrough HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=sharethrough&zcc=1&cb=1729066115867 HTTP 302
https://ad.turn.com/r/cs?pid=45&id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004&rndcb=6441802959 HTTP 302
https://sync.1rx.io/usersync/turn/8620976260898202130?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D175kELn9xvfXoe3C4qjRaWS8%26source_user_id%3DRX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004 HTTP 302
https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

Request Chain 324

https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e8af3322-a148-4344-97c0-e3f692d131e3&gdpr=0

Request Chain 326

https://onetag-sys.com/usync/?tag=img HTTP 302
https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=&user_id= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=3750431231219133343&ssp=onetag

Request Chain 327

https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f HTTP 302
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rd=1 HTTP 303
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID HTTP 307
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=JgUoABZHn8BW5yWCRZSYn8WU

Request Chain 328

https://sync.cootlogix.com/api/sync/image/?cid=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://match.sharethrough.com/universal/v1?supply_id=TAEWcTBw&gdpr=0&gdpr_consent= HTTP 302
https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=e8af3322-a148-4344-97c0-e3f692d131e3&gdpr=0 HTTP 302
https://cs.media.net/cksync?cs=30&type=vdz&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3720677159035665000V10&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 329

https://equativ-match.dotomi.com/match/bounce/current?networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://equativ-match.dotomi.com/match/bounce/current?DotomiTest=234434ab7e5621ea&is_secure=true&networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAK1Gw5dt35uAJUEOLUAQEBAQEBAQCTlV4mtgEBAJOVXia2&expiration=1729152517&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&gdpr=0

Request Chain 330

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8077868095493991453&gdpr=0&gdpr_consent=

Request Chain 331

https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dfmx%26bsw_param%3D0ff9aa47-d50f-4262-a58b-d5a3a194edbc%26gdpr%3D%26consent%3D%26gdpr_pd%3D%26expires%3D7 HTTP 302
https://x.bidswitch.net/sync?dsp_id=354&user_id=1ef4a92e8d8f4b209c524f7edc6a232f&ssp=fmx&bsw_param=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&gdpr=&consent=&gdpr_pd=&expires=7 HTTP 302
https://ce.lijit.com/merge?pid=26&3pid=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&gdpr=&gdpr_consent=&us_privacy=

Request Chain 332

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zw90hAAJTtnrHAA3

Request Chain 333

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
https://ce.lijit.com/merge?pid=80&3pid=M2BLBIAL-A-9ZFL

Request Chain 334

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=&gdpr_consent=&gpp_sid= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SmdVb0FCWkhuOEJXNXlXQ1JaU1luOFdV

Request Chain 335

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=d001ba32-7b2e-44c7-9ae9-462456187448&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 336

https://sync.kueezrtb.com/api/sync/image/?cid=&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://ads.yieldmo.com/pbsync?is=kueez&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-yieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%24UID HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-yieldmo&userId=VeyIvMM6r5MpMECoCAq9&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-xandr%26userId%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&gdpr=0&gdpr_consent= HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-xandr&userId=1470867526730679273&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://cs.media.net/cksync?cs=45&type=ku&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-medinet%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D=%3Cvsid%3E HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-medinet&gdpr=0&gdpr_consent=&us_privacy=&userId==3720677159035665000V10 HTTP 302
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sovrn%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%24UID HTTP 307
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=&userId=JgUoABZHn8BW5yWCRZSYn8WU HTTP 302
https://u.openx.net/w/1.0/cm?id=99b0e635-e719-4648-8bd7-0fd339d4e2e5&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-openx%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%7BOPENX_ID%7D HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-openx&gdpr=0&gdpr_consent=&us_privacy=&userId=b2ba9a07-87fa-42f8-8710-6d091a88fca9 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=kueez&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004?redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-r1%26userId%3DRX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004 HTTP 302
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-r1&userId=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

Request Chain 337

https://firstmedia2-d.openx.net/w/1.0/pd HTTP 302
https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2351121154668339730&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 338

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent= HTTP 303
https://rtb-csync.smartadserver.com/redir?partneruserid=AAB6bU7OHukAABS79uHuPg&partnerid=127&gdpr=0

Request Chain 339

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ce.lijit.com/merge?pid=16&3pid=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&gdpr=0&gdpr_consent=

Request Chain 340

https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=&gdpr_consent=&gpp_sid= HTTP 302
https://ce.lijit.com/merge?pid=27&3pid=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=

Request Chain 341

https://ssp.disqus.com/sync?type=image HTTP 302
https://eexsync.com/ztgl358.gif?gdpr=0&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3D HTTP 302
https://ssp.disqus.com/match?bidder=38&buyeruid=8711915e96cfa3da18d33475042af97770f437b16b9216853b9b7c4d9e01bf0a&r=

Request Chain 344

https://id5-sync.com/i/1064/8.gif?o=api&id5id=ID5*cUiQI4LzurHiDh-CIlHGiHY3I2ErldRM_qTMONvbRH3PIkdmVeilfO6knpRy0vUE&gdpr_consent=undefined&gdpr=false HTTP 302
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F10%2F7%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F10%2F7%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0 HTTP 302
https://id5-sync.com/c/1064/10/7/2.gif?puid=3706714843346917126&gdpr=0&gdpr_consent= HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1064/108/6/3.gif?puid=198cd94c-4256-4cca-a638-2ca68b26c2d0&gdpr=0&gdpr_consent= HTTP 302
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1064/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/c/1064/2/5/4.gif?puid=1470867526730679273&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://id5-sync.com/k/264.gif?puid=d001ba32-7b2e-44c7-9ae9-462456187448&ttl=%%TTL%% HTTP 302
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://id5-sync.com/c/1064/112/3/6.gif?puid=AB1F720463211B4C&gdpr=0&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEIbJm3CwF87lt-dSgqcPf3o&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIbJm3CwF87lt-dSgqcPf3o&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1470867526730679273&opid=apx&ops=&utidl=tech:goo:CAESEIbJm3CwF87lt-dSgqcPf3o&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033

Request Chain 345

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=160&partneruserid=1&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTYyNjUyNzU0MjA0MzU4NDY5Nw==&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPH7ZWbk5gXX3bvWmGb-N1M&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 346

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%26partneruserid%3D%7BOPENX_ID%7D&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=8e4d5da9-e1a8-4a8e-8688-571a67a606dd&gdpr=0&gdpr_consent=

Request Chain 347

https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=9ae32fa093

391 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request sDzHSexkMOasgP8f Show response
news.itsblossom.com/en/
Redirect Chain

http://news.itsblossom.com/
https://news.itsblossom.com/
https://news.itsblossom.com/en/sDzHSexkMOasgP8f

144 KB
31 KB

49ms
48ms

Document
text/html

2a04:4e42:200::311
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::311 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

01a3c68fa635623545d01483a20dd87ce2947ba27819607cd704b4d053012801

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,Set-Cookie,Cookie,Accept,Content-Type,X-Requested-With,X-Api-Key,Cache-Control,Accept-Encoding,Accept-Language,Pragma,Origin,Vary,X-XSRF-TOKEN,CF-IPCountry,client-geo-country
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
access-control-max-age: 1728000
age: 45514
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=2678400, no-transform, public
content-encoding: br
content-length: 31001
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 08:08:30 GMT
vary: Accept-Encoding, CF-IPCountry, client-geo-country, Origin
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kjyo7100095-IAD, cache-per12621-PER
x-tag: post-15908
x-timer: S1729066110.049264,VS0,VE1
x-yoto: NCI-0.2.106
x-yoto-req-time: Tuesday, 15-Oct-2024 19:29:56 UTC

Redirect headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: DNT,Set-Cookie,Cookie,Accept,Content-Type,X-Requested-With,X-Api-Key,Cache-Control,Accept-Encoding,Accept-Language,Pragma,Origin,Vary,X-XSRF-TOKEN,CF-IPCountry,client-geo-country
access-control-allow-methods: GET, POST, PUT
access-control-allow-origin: *
access-control-max-age: 1728000
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: no-cache, private
content-length: 434
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 08:08:29 GMT
location: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
vary: CF-IPCountry, client-geo-country, Origin
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kiad7000172-IAD, cache-per12621-PER
x-timer: S1729066110.719901,VS0,VE276
x-yoto: NCI-0.2.106
x-yoto-req-time: Wednesday, 16-Oct-2024 08:08:29 UTC

GET
H3 204 dye
gtrack.news.itsblossom.com/ 0
487 B 755ms
639ms Image
text/plain 172.67.73.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.news.itsblossom.com/dye?type=html&h=news.itsblossom.com&lo=en&cc=AU&ly=default&yv=1d5147c27&pid=15908&pn=0&pd=0&ard=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HwyilOJKnfXSkWgix3efZckaseTwuU%2FSat9iv2nsIkpg8SsXfDOkVWJaaTKdeXv2YBHhAfibEaWp6WiE1Ns5luZopqmZTFH%2FDQ0rkCzSa5Pgl%2FmJf9vdEHIwHVxqjiUK0ihVmSq8r9voUc%2FL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368fb4eb0f8673-PER
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
vary: Accept-Encoding
cf-apo-via: origin,host
server: cloudflare

GET
H3 204 dye
track.news.itsblossom.com/ 0
487 B 688ms
578ms Image
text/plain 172.67.73.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.news.itsblossom.com/dye?type=html&h=news.itsblossom.com&lo=en&cc=AU&ly=default&yv=1d5147c27&pid=15908&pn=0&pd=0&ard=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIGaE8Af3Esx0DjgNgC7IhyH%2BMPzTwMxcm7vwny4nXW0PaSUSMHc7%2Bm2alOc51sbcZgkj6tR0wfdmncEIy2K5HWWMzwDqcc23xYd4JQPgck9PytAWBv2vHac0i7o53ROO5O7qZJg98%2F3MRQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368fb4dd108ad0-PER
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
vary: Accept-Encoding
cf-apo-via: origin,host
server: cloudflare

GET
H2 200 image-iUIJEAO8WIAaMVr6.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 14 KB
15 KB 218ms
57ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-iUIJEAO8WIAaMVr6.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 398f44c9c65091944ecb4a30fb9086ba1fc847527bc61e76bf64d02c13d89927

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "11caae392f6b06e83019a5e4cc8749b5"
age: 208166
cf-cache-status: HIT
cf-ray: 8d368fb5495a8642-PER
accept-ranges: bytes
cf-polished: origSize=14773
alt-svc: h3=":443"; ma=86400
content-length: 14765
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:22 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 face.min.css
static-cdn.kueez.net/1d5147c27/assets/common/css/vendor/font-awsome/css/ 2 KB
1 KB 122ms
60ms Stylesheet
text/css 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.kueez.net/1d5147c27/assets/common/css/vendor/font-awsome/css/face.min.css
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d644d044d92347b3636ff957a08955c27cc8b0fe73cde505b8789c220be7bb9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"d740165eb74596f0716a7597693279a9"
age: 129332
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: text/css
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 13 Oct 2024 14:42:39 GMT
x-amz-id-2: xV1Gv+8TFgPvUdV5azC/WovEDMGN5DDJVqAkvFKhHQicUChaNIHKks6LxjxlyI767Jt9xpvGGbg=
cache-control: max-age=2600000,public
x-amz-request-id: K020N990RYJMBNXH
cf-ray: 8d368fb48dce863b-PER
access-control-allow-origin: *
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 18 KB
2 KB 483ms
197ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,500,700,900&display=swap

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d45fb067a0e37a5a186bc8f229d535078b8a9255edf06e7e270fbc66a129f4c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 08:08:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css
fonts.googleapis.com/ 6 KB
801 B 472ms
203ms Stylesheet
text/css 2404:6800:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700,500&display=swap

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80b::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a760d5349ba663509de5311527e5536ed479df1a61eb6ffdad8504d16d2d6ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 08:08:30 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 app.css
kcdn.kueez.net/itsblossom-v3/1724058158597/css/ 103 KB
17 KB 392ms
333ms Stylesheet
text/css 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kcdn.kueez.net/itsblossom-v3/1724058158597/css/app.css
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acc7435f8e161d697eb7319348fdf75f70febfe9a788949132dc8bee301bf663

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-bgj: minify
etag: W/"1bd57ba9c0a3ae010743c0783e6bbff5"
age: 1213
cf-cache-status: HIT
access-control-allow-methods: GET, HEAD
cf-polished: origSize=106631
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: text/css
last-modified: Mon, 19 Aug 2024 09:02:53 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-id-2: VvpjJbj548hGYzUqXEO3XBvEcJnEuK/xe4MqA5u0lc24ac8f2QnWjv2K0JoW6MnZ34o3QUSze/w=
x-amz-request-id: W47FJYNCCK8FPSTQ
cf-ray: 8d368fb4ade6863b-PER
access-control-allow-origin: *
server: cloudflare

GET
H3 200 itsblossom.js Show response
static-cdn.kueez.net/units/f6dc156cb4c444143f868a7a0e6b791e/ 6 KB
2 KB 117ms
61ms Script
application/javascript 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.kueez.net/units/f6dc156cb4c444143f868a7a0e6b791e/itsblossom.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b3440667471d9d42e06d069967bbd6b7cd70fd225eff51d659e6b538ad3c8fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000,public
content-encoding: br
cf-cache-status: HIT
etag: W/"5fb3809f41deb9e213a813ae05be709c"
age: 75186
x-amz-request-id: 56KMK76NXACMQG2E
cf-ray: 8d368fb4afff8667-PER
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 08:53:07 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: eDt5MooEBRDTY09jyNSXvvLDBFYLL3jRwSnyBpZL4A6VfBCfMzbQW7J539D4tqOUu/KA7p1uUGQb7eMIcjw3ziatBVYPKlkO

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 108 KB
33 KB 416ms
222ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

86654bbfb15c7d2db42678c9c98557deef71b8ec18b2022b13161c82a77da9f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
etag: 824 / 20012 / m202410100101 / config-hash: 12430859395956419716
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33673
x-xss-protection: 0
server: cafe

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 324 KB
80 KB 289ms
101ms Script
application/javascript 108.158.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-30-125.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"907cbdd883935369790d45cc9bd9e8b7"
age: 552
via: 1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront), 1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: S-R7PLLmFpA5o1KC9paXt9YutxseIMs5no13-1vOl-Wwh6V7uEg31Q==
date: Wed, 16 Oct 2024 07:59:19 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 17:13:23 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2, SYD3-P2
x-amz-server-side-encryption: AES256

GET
H3 200 21625511399.js Show response
static-cdn.kueez.net/1d5147c27/assets/common/js/publish/a9/ 12 KB
6 KB 153ms
109ms Script
application/javascript 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/a9/21625511399.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5086dd2d76ad6f85300b6e9fc9d1ae5da26291d038f2b4817a000314e94f62d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"c243b95a67ce81a12bf518858f3709c3"
age: 231853
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 13 Oct 2024 14:42:39 GMT
x-amz-id-2: 5g0VL3903gRJoP5JTM/9FPq7XYJ8ISWtmLWoZ2HEvN8PXv25mid2EvLQju/qAI54rIr9nP3iCLteFuDqwVQOWnNQEYoEEk+t
cache-control: max-age=2600000,public
x-amz-request-id: 4DZ5KE5HQ84RJ6M1
cf-ray: 8d368fb48dd2863b-PER
access-control-allow-origin: *
server: cloudflare

GET
H3 200 jquery-3.3.1.min.js Show response
static-cdn.kueez.net/1d5147c27/assets/common/js/vendor/ 85 KB
31 KB 104ms
62ms Script
application/javascript 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/vendor/jquery-3.3.1.min.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"a09e13ee94d51c524b7e2a728c7d4039"
age: 231853
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 13 Oct 2024 14:42:39 GMT
x-amz-id-2: x8i1uCzVvDRnOh16/dC6Ac101U5tboDqppCQ5PhtEQiWds0KzHgaq3+PWiO3HgfR71K8I6U9fqMqtD+l1lurfRLxHcTo+916
cache-control: max-age=2600000,public
x-amz-request-id: 4DZB038BTP8P2DP0
cf-ray: 8d368fb48dcd863b-PER
access-control-allow-origin: *
server: cloudflare

GET
H3 200 itsblossom.default.js Show response
static-cdn.kueez.net/1d5147c27/assets/itsblossom/js/ 610 KB
266 KB 151ms
109ms Script
application/javascript 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.kueez.net/1d5147c27/assets/itsblossom/js/itsblossom.default.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b123e11dd71854b0f11dfb2240cf705626c8675895461ced693dc1a748907c60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"968072a97903cb7105f7155d41512acf"
age: 129332
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 13 Oct 2024 14:42:09 GMT
x-amz-id-2: iH/mQMwW3HWnJObh7Gbg0yU/4wxGh1B8F9oCwAcDGCIOhtZXAokchNy9ts/diHVz63iw2Co1UFg=
cache-control: max-age=2600000,public
x-amz-request-id: K023E10HCYSQ59MS
cf-ray: 8d368fb48dcf863b-PER
access-control-allow-origin: *
server: cloudflare

GET
H3 200 prebid.js Show response
static-cdn.kueez.net/1d5147c27/assets/common/js/publish/ 518 KB
157 KB 342ms
300ms Script
application/javascript 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6268200501ff8843250bba67849a1b66957d00371249a2b687a69a9ab465ece

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: x-amz-meta-access-control-allow-origin, x-amz-meta-access-control-allow-methods
content-encoding: br
cf-cache-status: HIT
etag: W/"0ce92919402c63e368b2da27a1ea5f8f"
age: 231853
access-control-allow-methods: GET, HEAD
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: application/javascript
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Sun, 13 Oct 2024 14:42:39 GMT
x-amz-id-2: bQJDFTVHHZ62D6sRMNxzMWsMhfTYQbp29zqJisaQuGZdrVi0z6SpCHj7s/EQEttUsuTqjNJwMdnta2f61jg9cW0DwhcaTcM0
cache-control: max-age=2600000,public
x-amz-request-id: 4DZ1J1N69MV395VV
cf-ray: 8d368fb48dd3863b-PER
access-control-allow-origin: *
server: cloudflare

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
92 KB 498ms
212ms Script
application/javascript 2404:6800:4006:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EDGCGYKV72

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b8ccf9d62a53c73e672128e5ae9df11c7e8321f157a5e5e6e46fb3fbaa58057e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 08:08:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 93881
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 head-logo.png
kcdn.kueez.net/itsblossom-v3/1724058158597/img/ 13 KB
13 KB 119ms
63ms Image
image/png 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kcdn.kueez.net/itsblossom-v3/1724058158597/img/head-logo.png
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43b1d1432cee6d6968b68090aace7bfafdfbcf9e49fc971e2f3e38b3e30d1536

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cf-bgj: imgq:100,h2pri
etag: "f01571fa94a03b8ce955d098d2cf7540"
age: 1213
cf-cache-status: HIT
cf-polished: status=format_not_supported
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: image/png
last-modified: Mon, 19 Aug 2024 09:02:45 GMT
vary: Accept-Encoding
x-amz-id-2: 3KWG4bII/xat6nGOBEwOilGqvz8RoxX6MsZpPQM0lPkvOsqmfLV7FGRaJlAhWPCy5tr2vUhbCh4=
x-amz-request-id: W479QVBP1DCXJMZK
cf-ray: 8d368fb4a8038667-PER
accept-ranges: bytes
content-length: 12868
server: cloudflare

GET
DATA 200
OK truncated
/ 100 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2eba9c91b824dbd87e60c31aa8beced03d7f21c6fbe38807a8825170c05d2b25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 515 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a77eaaef19da297f84e0525bed6e789298d7631e5db89666df3458abbc70c708

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 thumbnail.png
kcdn.kueez.net/itsblossom-v3/1724058158597/img/ 8 KB
8 KB 597ms
596ms Image
image/webp 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kcdn.kueez.net/itsblossom-v3/1724058158597/img/thumbnail.png
Requested by: Host: kcdn.kueez.net
URL: https://kcdn.kueez.net/itsblossom-v3/1724058158597/css/app.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe597d200f7fd8db43a0c1c9e1ec49ac63556369548d7375fb77d0964abae71

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://kcdn.kueez.net/itsblossom-v3/1724058158597/css/app.css

Response headers

cf-bgj: imgq:100,h2pri
etag: "7c98de9161b2e9d7438b014cef270876"
cf-cache-status: REVALIDATED
cf-polished: origFmt=png, origSize=9851
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: image/webp
content-disposition: inline; filename="thumbnail.webp"
vary: Accept
last-modified: Mon, 19 Aug 2024 09:02:41 GMT
x-amz-id-2: w0bFDRXYHJr4YxoJgqfiPlF7JWY67XJ8sDBPZ/f7XdJFzM7dZRKuK29HHh3GHw0y8nrQpCLiy9w=
x-amz-request-id: Y8A85C7CNQN95GRE
cf-ray: 8d368fb6ea678667-PER
accept-ranges: bytes
content-length: 8042
server: cloudflare

GET
H2 200 fpd Show response
u.kueezrtb.com/ 404 B
597 B 421ms
313ms XHR
text/plain 2606:4700:10::6816:227b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://u.kueezrtb.com/fpd?_=1729066110664&yv=3afecfa&h=news.itsblossom.com
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/itsblossom/js/itsblossom.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:227b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b82fb8ff7c1b7a9499e6224e174dbac0320ec9c4c74a1089627841144228df0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d368fb87d257380-PER
access-control-allow-origin: https://news.itsblossom.com
content-length: 324
date: Wed, 16 Oct 2024 08:08:31 GMT
server: cloudflare

GET
H3 204 dye
gtrack.news.itsblossom.com/ 0
436 B 631ms
631ms Image
text/plain 172.67.73.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrack.news.itsblossom.com/dye?type=isbt&info=lin_no_utm&ac=1&acm=G2&h=news.itsblossom.com&cc=AU&lo=en&lg=en-US&ly=default&uid=&uidf=0&sid=&pvi=&co=1&opid=15908&vwg=6&yv=1d5147c27&utmc=&utmco=&utmm=&utms=&utmt=&mbid=&uvo=0&b=Chrome&bv=129.0.0.0&dev=&os=Linux%20x86_64&p=&ig=0&abtv=a&pn=0&pd=0&ard=0&pid=15908&ciid=null&_=1729066110676&uri=%2Fen%2FsDzHSexkMOasgP8f&furl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&wh=1600x1200&sr=1600x1200&vv=minutemedia&tab=320
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hvDfKOfGMiBlDiWGqUP%2FhvSa323OlpCN5t0HnFBZ%2FS02IXfxj5KSB5IwbzAfQzGrkIdCxlByW%2FFTc0A6xpxbjYoOlrDr%2FXQTKWdhbuDKoPuEBrIMATu82TxC6tyHlyymbTkLtBTrWcXcBgwU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368fb7ee3f8673-PER
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:31 GMT
vary: Accept-Encoding
server: cloudflare
cf-apo-via: origin,host

GET
H3 204 dye
track.news.itsblossom.com/ 0
432 B 580ms
580ms Image
text/plain 172.67.73.228
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.news.itsblossom.com/dye?type=isbt&info=lin_no_utm&ac=1&acm=G2&h=news.itsblossom.com&cc=AU&lo=en&lg=en-US&ly=default&uid=&uidf=0&sid=&pvi=&co=1&opid=15908&vwg=6&yv=1d5147c27&utmc=&utmco=&utmm=&utms=&utmt=&mbid=&uvo=0&b=Chrome&bv=129.0.0.0&dev=&os=Linux%20x86_64&p=&ig=0&abtv=a&pn=0&pd=0&ard=0&pid=15908&ciid=null&_=1729066110676&uri=%2Fen%2FsDzHSexkMOasgP8f&furl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&wh=1600x1200&sr=1600x1200&vv=minutemedia&tab=320
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.73.228 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K8K8Ah%2FA8VpVrd0FfRlvQ3Sfg%2F22zyFVX6MMu8mqtegPwGuYUHzCavnkPkUmDNNT7t4hAQl7oS1mO5IKygjc12hSjIjn26fTq7NHFf0jgDbRqK7qt9Jv7IA4y0voTiD35a1mWPJ7G8GObB0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368fb7e8508ad0-PER
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 16 Oct 2024 08:08:31 GMT
vary: Accept-Encoding
server: cloudflare
cf-apo-via: origin,host

GET
H3 204 dye
otrack.kueez.net/ 0
121 B 400ms
338ms Image
text/plain 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://otrack.kueez.net/dye?type=isbt&info=lin_no_utm&ac=1&acm=G2&h=news.itsblossom.com&cc=AU&lo=en&lg=en-US&ly=default&uid=&uidf=0&sid=&pvi=&co=1&opid=15908&vwg=6&yv=1d5147c27&utmc=&utmco=&utmm=&utms=&utmt=&mbid=&uvo=0&b=Chrome&bv=129.0.0.0&dev=&os=Linux%20x86_64&p=&ig=0&abtv=a&pn=0&pd=0&ard=0&pid=15908&ciid=null&_=1729066110676&uri=%2Fen%2FsDzHSexkMOasgP8f&furl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&wh=1600x1200&sr=1600x1200&vv=minutemedia&tab=320
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cf-ray: 8d368fb84bf38667-PER
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 08:08:31 GMT
server: cloudflare

GET
H3 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 292ms
98ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700,500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://fonts.googleapis.com/

Response headers

age: 108308
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 02:03:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 02:03:22 GMT
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33092
x-xss-protection: 0
server: sffe

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/ 481 KB
149 KB 100ms
100ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
etag: 3420270987438694644
age: 74103
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 11:33:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Tue, 15 Oct 2024 11:33:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 152663
x-xss-protection: 0
server: cafe

GET
H2 200 code Show response
players.voltaxservices.io/players/01g6x7v1b2as/ 30 KB
9 KB 657ms
452ms Script
application/javascript 2600:9000:2212:f400:3:25e2:740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://players.voltaxservices.io/players/01g6x7v1b2as/code
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/itsblossom/js/itsblossom.default.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:f400:3:25e2:740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.25.5 /
Resource Hash: 2e1f5481042c018e071942d4e1ab92f5071da2aaa0609881fcdb03f75b3682e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, no-store
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 e575582c24a1bc95cd06311c3837a63a.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: NC4Dk7g6MTpYcpK-DpYl6XWMnAhovWALNTXHYMUIuEtnRHfEx0zT3A==
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/javascript
vary: Accept-Encoding
server: nginx/1.25.5
x-amz-cf-pop: SYD62-P1
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 image-nNZVdClloGPsXBg9.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 41 KB
41 KB 64ms
63ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-nNZVdClloGPsXBg9.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e90ac97211ae6ec339f01e4053a7809818e59aa4fafb3b02ef68559b393bf907

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "438eb3d86f40d9172cccf1fe0b91637f"
age: 208165
cf-cache-status: HIT
cf-ray: 8d368fb87cbe8642-PER
accept-ranges: bytes
cf-polished: origSize=41740
alt-svc: h3=":443"; ma=86400
content-length: 41732
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 image-nNZVdClloGPsXBg9.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 41 KB
0 0ms
0ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-nNZVdClloGPsXBg9.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e90ac97211ae6ec339f01e4053a7809818e59aa4fafb3b02ef68559b393bf907

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "438eb3d86f40d9172cccf1fe0b91637f"
age: 208165
cf-cache-status: HIT
cf-ray: 8d368fb87cbe8642-PER
accept-ranges: bytes
cf-polished: origSize=41740
alt-svc: h3=":443"; ma=86400
content-length: 41732
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 image-iHhcPkRR2oooMtfu.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 28 KB
28 KB 61ms
60ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-iHhcPkRR2oooMtfu.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15988b8db1378390e764f9bcb5c33d9ce9d7f940eb765c451b7cb67921cafb70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "d7ed9fea207da36a2e153d087564cffb"
age: 208164
cf-cache-status: HIT
cf-ray: 8d368fb8ed2a8642-PER
accept-ranges: bytes
cf-polished: origSize=28446
alt-svc: h3=":443"; ma=86400
content-length: 28438
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 image-P2tIbsNl1lR3pAxw.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 24 KB
24 KB 57ms
57ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-P2tIbsNl1lR3pAxw.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: accf2e634bcd5d4c278bb8d8e803cc3adcc95d01f266989004c719ec40a91c2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "cb5b33dc0c6d76c4c7f3a68465fb54f6"
age: 208163
cf-cache-status: HIT
cf-ray: 8d368fb95d8f8642-PER
accept-ranges: bytes
cf-polished: origSize=24466
alt-svc: h3=":443"; ma=86400
content-length: 24458
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 image-8cMNilnVqAWcpUM9.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 37 KB
38 KB 58ms
58ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-8cMNilnVqAWcpUM9.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f955e3d246cad8925383139426b042bd3aade38e389fb7d1c2ecd889a5d1def

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "37bfc00312b94d0d8b8ec62aa60b4125"
age: 208155
cf-cache-status: HIT
cf-ray: 8d368fb9be0c8642-PER
accept-ranges: bytes
cf-polished: origSize=38375
alt-svc: h3=":443"; ma=86400
content-length: 38367
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:24 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 image-mPFw6c49pmpSsVAj.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 43 KB
43 KB 58ms
57ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-mPFw6c49pmpSsVAj.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f60dfa7dc03332e293c76790aa260f37ef8345d68130bc2aec0c0215b6573be4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-bgj: imgq:100,h2pri
etag: "3a461c0c942d959a786b213dfd915689"
age: 208144
cf-cache-status: HIT
cf-ray: 8d368fba2e608642-PER
accept-ranges: bytes
cf-polished: origSize=43854
alt-svc: h3=":443"; ma=86400
content-length: 43846
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:21 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame D3A6 0
0 296ms
97ms Document
text/html 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/static/topics/topics_frame.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 2218
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000, stale-while-revalidate=3600
content-encoding: br
content-length: 29415
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 07:31:33 GMT
expires: Wed, 16 Oct 2024 08:21:33 GMT
last-modified: Mon, 14 Oct 2024 19:44:52 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 43 KB
13 KB 296ms
101ms Script
text/javascript 108.158.32.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-44.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7db46e1255a018ecf02f47b2c19c26c4"
age: 47303
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: FU6DsP2uN6hgBznAJYXNM1XwKTzeiv68Kw1t5Eh_A01b1YvqUdEjBA==
date: Tue, 15 Oct 2024 19:00:09 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:40 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 409ms
135ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

5e8020e3d61bfee03a48ca66498521053b0bdcc1a3d8791250ac9bf0f768cbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"66d98e6d-a677"
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Oct 2024 08:08:31 GMT
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: text/javascript
last-modified: Thu, 05 Sep 2024 10:56:45 GMT
server: nginx

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 265ms
85ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202410100101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

x-goog-metageneration: 1
content-encoding: gzip
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag: "df5542b88bc0e368c6999754a5b9e2ba"
age: 8701
x-goog-stored-content-encoding: gzip
expires: Thu, 16 Oct 2025 05:43:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 7927
date: Wed, 16 Oct 2024 05:43:30 GMT
last-modified: Thu, 27 May 2021 18:30:51 GMT
content-type: application/javascript
x-guploader-uploadid: AHmUCY3dPI7-fyZSMPCk9a_KhODQuO8vFzIaSUkFoV2A7ZGcsQikyKVfailocOHIc1BAuJz4MUY
cache-control: no-transform
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
x-goog-generation: 1622140251693895
content-length: 7927
server: UploadServer

GET
H2 200 image-WKPwihVNxVlafjBE.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 31 KB
31 KB 406ms
405ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-WKPwihVNxVlafjBE.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac6706f2f77aaab3b69118b5aaf8ed6eb062eb6f27fbd856ae91c88bb0617988

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-cache-status: MISS
etag: "8a26efde483773434aeaac5da71bd286"
cf-ray: 8d368fbacf048642-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 31694
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:22 GMT
vary: Accept-Encoding
server: cloudflare

POST /
shb.richaudience.com/hb/ 0
0

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1484ms
840ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST /
shb.richaudience.com/hb/ 0
0

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1497ms
848ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1467ms
819ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST /
shb.richaudience.com/hb/ 0
0

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1476ms
831ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
176 B 1462ms
816ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1473ms
831ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1502ms
860ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST /
shb.richaudience.com/hb/ 0
0

POST
H2 200 / Show response
shb.richaudience.com/hb/ 0
175 B 1479ms
839ms Fetch
application/json 103.253.24.65
HURRICANE

General

Check archive.org

Show headers Download Go to

Full URL: https://shb.richaudience.com/hb/
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.253.24.65 , Singapore, ASN6939 (HURRICANE, US),
Reverse DNS
Software: nginx/1.14.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: nginx/1.14.1

POST /
shb.richaudience.com/hb/ 0
0

POST
H2 200 bid Show response
ap.lijit.com/rtb/ 592 B
683 B 955ms
473ms Fetch
application/json 54.71.61.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_8.14.0
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.71.61.99 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-61-99.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e45a8805622e9616021cb445a0c29c4865adb6f2a85e386dd179be557b1b2808

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: https://news.itsblossom.com
content-length: 325
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 83 B
630 B 501ms
273ms Fetch
application/json 18.67.93.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-18.syd62.r.cloudfront.net
Software: istio-envoy /
Resource Hash: b757edda4683531eccd04a8b7e95e1c8c6ef39fe82ab5d3b06bf809886e59cf5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
via: 1.1 8bec138951dfffa4e8e0ac983bb30e76.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
x-cache: Miss from cloudfront
content-length: 108
x-amz-cf-id: Tb8THrP4blZHkuUVu-hEu6TGYsO5mQSbzpD25z6vwi1-nNItPOEYeA==
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
x-amz-cf-pop: SYD62-P1
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 4 KB
1 KB 1002ms
443ms Fetch
application/json 34.168.25.131
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&PageUrl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&PageReferrer=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&CanonicalUrl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.168.25.131 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

131.25.168.34.bc.googleusercontent.com

Software

Resource Hash

dde489af8accc67efe91663fe49230fd741a5559ec020e010609a6f9b907c102

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 3600
content-encoding: gzip
access-control-allow-methods: OPTIONS, POST
x-content-type-options: nosniff
expires: 0
x-kong-proxy-latency: 2
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: Accept-Encoding, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-kong-request-id: dbc9b2798d8e580787862e0e97518b42
pragma: no-cache
access-control-allow-credentials: true
via: kong/3.6.1
x-kong-upstream-latency: 170
access-control-allow-origin: https://news.itsblossom.com
content-length: 744

POST
H2 204 prebid Show response
ssp.disqus.com/bid/ 0
287 B 1222ms
595ms Fetch 3.218.235.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.disqus.com/bid/prebid
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.218.235.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-235-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

expires: 0
access-control-allow-origin: https://news.itsblossom.com
cache-control: no-store
date: Wed, 16 Oct 2024 08:08:32 GMT
pragma: no-cache
vary: origin
access-control-allow-credentials: true

POST 6703d4e4a2030208727d048a
prebid.cootlogix.com/prebid/multi/ 0
0

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
960 B 1486ms
793ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
953 B 1499ms
806ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST 6703d4e4a2030208727d048a
prebid.cootlogix.com/prebid/multi/ 0
0

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
956 B 1509ms
815ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
947 B 1506ms
818ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST 6703d4e4a2030208727d048a
prebid.cootlogix.com/prebid/multi/ 0
0

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
953 B 1491ms
802ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST 6703d4e4a2030208727d048a
prebid.cootlogix.com/prebid/multi/ 0
0

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
959 B 1466ms
776ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST 6703d4e4a2030208727d048a
prebid.cootlogix.com/prebid/multi/ 0
0

POST
H2 204 6703d4e4a2030208727d048a Show response
prebid.cootlogix.com/prebid/multi/ 0
984 B 1485ms
798ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:32 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST 6703d4e4a2030208727d048a
prebid.cootlogix.com/prebid/multi/ 0
0

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 56 B
542 B 357ms
177ms Fetch
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUP3XH66
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: 324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time: 4
access-control-allow-credentials: true
via: 1.1 google
expires: Wed, 16 Oct 2024 08:08:31 GMT
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json;charset=utf-8
server: envoy

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 356ms
156ms Fetch 67.199.150.87
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:31 GMT
access-control-allow-credentials: true

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 25 B
321 B 646ms
280ms Fetch
application/json 2406:2600:7:100::2a
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://grid.bidswitch.net/hbjson

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::2a , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

45d7de56a035af27c4813e9681b7a175aa12bd0283a71f84323b156f7a8b3428

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-store, must-revalidate, no-cache
content-encoding: br
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding, Origin
server: Kestrel

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 902 B
2 KB 1377ms
474ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: d9d17a44792958ec1df65d698ed89b1dd9e67f15dcd43e7cac0e1faee1e5947f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 863 B
2 KB 1214ms
311ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: c15ad63c8fccd1373d5b6e9d1e2f61b452d7951174b84825421b4e45d2122c25

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 898 B
2 KB 1226ms
323ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 90b1aac26d5126aed6ca497f87af5d2517e572d4fc6a5b043a6635b83ae30bdd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
2 KB 1339ms
436ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: b48e33952ffd734c4f1536fa1a8190b7c0439e80d9c96b647d9b580738ba7411

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 816 B
2 KB 1259ms
335ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 382ee996d7dd5018b05e885c748449f08a6115b64f029eb93c9a65e4bb03fdca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST v1
prg.smartadserver.com/prebid/ 0
0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 925 B
2 KB 1224ms
325ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 7fb63e9d9a4a00c01f2cf75afd831cd62b250b8e046b95bb6f4516f8061df624

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST v1
prg.smartadserver.com/prebid/ 0
0

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
556 B 569ms
373ms Fetch
application/json 51.79.154.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 prebidjs Show response
rtb.openx.net/openrtbb/ 53 B
296 B 354ms
172ms Fetch
text/plain 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.openx.net/openrtbb/prebidjs
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 6478236da4ae8d9298c45cb5637071c130a118ee8881c6c132d55f20a38d2a66

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
x-forwarded-for: 103.108.231.84
access-control-allow-credentials: true
observe-browsing-topics: ?1
via: 1.1 google
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
date: Wed, 16 Oct 2024 08:08:30 GMT
content-type: text/plain
vary: Origin

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 416ms
221ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=300e0fa3c16c76fc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-0&slots=1&rand=0.7178886414665371
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b6bd3c5cd2fde939f16e74990308bbc62b3f554566c45219eed7ba8a0d7a9fb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 420ms
227ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3017ffa1e8c21ec5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-1&slots=1&rand=0.8378382796830848
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: a9fcf747153ed7cf8e73bbad0c9235f3dcf2e314eab4dd7e52983246f2b27543

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 454ms
260ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=302b65bee52b706a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-2&slots=1&rand=0.9120610397221254
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 10b3d3fe727902aa797d19bbaa25c4b5e9738b420aa1e3aae70a77a9fe50b0e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
758 B 448ms
255ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=303f9da9460f6008&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-3&slots=1&rand=0.5907489844740339
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ace62ef04152a429e5ce356f3cbd0bd3cd011a16b80b401cb5acf47748a23b39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 375ms
182ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=304f6b8ff7273457&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-4&slots=1&rand=0.44682610600383543
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8398c064451b03b9fa505f061d2443e96bdb54d50144ade4886d2f11e80a12b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
934 B 370ms
176ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3050a06760ac8352&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-5&slots=1&rand=0.6018071767323008
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6375ce7bba59b805522ad4f6c6d4d975da7c4c15500459b81805f52be1c1523a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
756 B 432ms
239ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=306b382889e78ff7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-6&slots=1&rand=0.03471194234168151
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b8697e393ba098ccdc364c4e846f08bed2a43503106ba827c57bf965547a65fc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 392 B
753 B 412ms
219ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=307dabf48c677d57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-7&slots=1&rand=0.15821227172677643
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: ea226c146a672c42790699b22f3b75f863acecb5346a4b3d2a7b4222f9509c85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 392
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
756 B 509ms
317ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=308158074f97b001&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-8&slots=1&rand=0.18114174075372036
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3c92f69d1fb5b0bbd0ab88b8a06d1bcd5a3027e06a8845095198ec63b5c71065

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 512ms
319ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=309b0c096ffff9ab&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-9&slots=1&rand=0.6733342011001848
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b25cb1947654f9d4b35f44d0847bccee50ab800b263f0b5632b0d914d3571981

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 373ms
181ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3107bd9cdbd32fa6&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-10&slots=1&rand=0.01817804884921803
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 287da6139bcbf121bf8eddf3e451bc10bf81d50e174d9937cdb69613d57513fd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 387ms
197ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3115ae70323fc7be&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-11&slots=1&rand=0.09141620976090326
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2788f8c56fb7e819228c99cca4101ecb72b50836ad85a1c6632a89ca908f51cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 460ms
270ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=31299c77b71f34ac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-12&slots=1&rand=0.8954129177028738
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 73ac1e2196210a7e19368b152b45311c5c4c4aaac6773dddcbda167cc8e59eba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
756 B 463ms
273ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=313429c1703781dc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-13&slots=1&rand=0.27211483939006276
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 93d4af1530b57ef459bcafc61f637794158630b2b9342933d22206d292ed4bef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 718ms
528ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=31479dcdb450fb51&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-14&slots=1&rand=0.9452768943400292
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: f0c054522c9819d7217c8a8f2f9305dac76be3da3b885f1b04b1cc6314c69a4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
756 B 493ms
303ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=31548fce0e778623&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-15&slots=1&rand=0.8509929690299955
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c0b5b4f46c004f3c2cac828e37e6d91dac9381ff28fae18505434d8f9157f5be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
758 B 502ms
313ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3166e8d5cbf5aff3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-16&slots=1&rand=0.9385748917145798
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bc8974761974fb20b237a3998a2597c6efd3555c183836b6656984cc97bd8905

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
757 B 452ms
262ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3177ae814b933778&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-17&slots=1&rand=0.7394113041641979
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 0305f69dce31a611ae03c3617d1026443fd5d1094fccf6d597abc6946e2609c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 396 B
758 B 512ms
323ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=2&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_M&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3182a2f4e7c9418a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_M%23ya-slot-18&slots=1&rand=0.04630568942031288
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 84487283b5b6b3fa98e39c3e721c43c118996e6136da276a578d76a8d155fadb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 396
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 419 B
781 B 486ms
297ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=15&alt_size_ids=9%2C10&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_S&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=319b9b847d2fe6af&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_S%23ya-slot-35&slots=1&rand=0.12215657990102868
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 14b1c7f4ba69d8abb4ee573de5f5fa51965c31f1d7411bcf745b576dc95445eb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 419
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 419 B
781 B 555ms
366ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=15&alt_size_ids=9%2C10&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_S&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=3202ba4e37067467&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_S%23ya-slot-35&slots=1&rand=0.882299895051762
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 39df885ce5b7090ecad25931397eeda98d7d6e0904b86048177edabd836d2047

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 419
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 419 B
781 B 465ms
276ms Fetch
application/json 2602:803:c006:158::65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20812&site_id=505958&zone_id=3019760&size_id=15&alt_size_ids=9%2C10&p_pos=atf&rf=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.domain=news.itsblossom.com&tg_i.page=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tg_i.pbadslot=%2F21625511399%2C2699062%2FItsBlossom_Art_DE_DESK_S&tk_flint=pbjs_lite_v8.14.0&l_pb_bid_id=32194154e0c13475&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21625511399%2FItsBlossom_Art_DE_DESK_S%23ya-slot-35&slots=1&rand=0.08801614124153967
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d27929798b5075c1a98da65c8161a55bfdc793b2f8065eefd0fca4a0ca843688

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin: https://news.itsblossom.com
content-length: 419
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
vary: Accept-Encoding
server: nginx/1.21.4

POST
H2 200 hb-mm-multi Show response
hb.minutemedia-prebid.com/ 84 B
475 B 727ms
237ms Fetch
application/json 100.20.154.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.minutemedia-prebid.com/hb-mm-multi
Requested by: Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 100.20.154.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-100-20-154-212.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 1e02f95bb37ae11a5f1c50ec744d307eaa94f92d15d6c2c5b41270f9cb2cdab9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
x-envoy-upstream-service-time: 1
access-control-allow-credentials: true
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://news.itsblossom.com
content-length: 109
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json
server: istio-envoy
x-reason: maxmind hosting provider
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 2 KB
2 KB 1394ms
860ms Fetch
application/json 103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

b1c9941541a4f1b8fbcfdbf1b0761218f47340abfea8a044035b80d502b9f1f2

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
an-x-request-uuid: 74d7e6a0-5023-4313-8c0a-939b16e6d5aa
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:32 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 84 KB
14 KB 1393ms
861ms Fetch
application/json 103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

6564eb80891836e2cc7058312f75671dd920fac0c652949c82d78c17c7afac6d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
an-x-request-uuid: 92d84b13-1a7e-4279-9095-154169812941
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:32 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST 65083dbf2854c461afc130bd
exchange.kueezrtb.com/prebid/multi/ 0
0

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
1 KB 295ms
98ms Fetch
application/json 3.0.107.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=8.14.0&referrer=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&tmax=1500

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.0.107.214 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-0-107-214.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: Thu, 15 Oct 1992 20:10:00 GMT
access-control-allow-origin: https://news.itsblossom.com
x-auction-status: 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
521 B 602ms
356ms Fetch 2406:2600:7:100::2a
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.14.0&cb=7336400708&lsavail=0

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::2a , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:30 GMT
vary: Origin
server: Kestrel

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rid=esp&cc=1

85 B
194 B

333ms
332ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rid=esp&cc=1
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: d9f863f0fa1501a1dbf9eaf2fdf9e615eefaaee73649a4542e2d176f02bf8964

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

etag: W/"55-VMwgGy8uQOjkd0zwaH7+CPKKsUA"
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
vary: Origin

Redirect headers

location: /esp?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rid=esp&cc=1
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 16 Oct 2024 08:08:31 GMT
x-powered-by: Express
vary: Origin

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
697 B 299ms
105ms XHR
application/json 54.169.113.206
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.113.206 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-113-206.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 60eaebf0cdf840d24bfcf34f1bd31259010fb4e0b4598129b078791c974d80b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
pragma: no-cache
access-control-allow-credentials: true
expires: 0
access-control-allow-origin: https://news.itsblossom.com
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 235
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: application/json;charset=utf-8
x-server: 10.42.25.221
server: Jetty(9.4.38.v20210224)

GET
H2 200 voltax_mp.js Show response
mp.mmvideocdn.com/mini-player/prod/ 2 MB
686 KB 315ms
104ms Script
application/x-javascript 2600:9000:2212:3600:e:8add:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Requested by: Host: players.voltaxservices.io
URL: https://players.voltaxservices.io/players/01g6x7v1b2as/code
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:3600:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: ff835b66ff37ee4a4bf9de1a4446e07d37689ad2efb23f9262f01a0f9dbaa01c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
x-amz-version-id: LFl5FCQaDrF81wZ28Lu35XXKqJhPaeZ3
etag: W/"fcf8ccc7c24f0a9d9d105b38e4fbffd4"
age: 70670
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: 3JmmI46CcyrV1g-wazlbzWskFO5r10rLyJcLERLJVR77wmkxNgppBA==
date: Tue, 15 Oct 2024 12:30:42 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
last-modified: Tue, 15 Oct 2024 12:30:37 GMT
cache-control: private, no-store
via: 1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 image-RLkW9aF7wki7nlSE.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 32 KB
32 KB 409ms
409ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-RLkW9aF7wki7nlSE.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1779d04b0f80132b580b269fdccef758a88839086cd39651bf85048a97a72b36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-cache-status: MISS
etag: "b4ef810abeba135dd75c03e4325be263"
cf-ray: 8d368fbd59bc8642-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 32889
date: Wed, 16 Oct 2024 08:08:31 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 syncframe
gum.criteo.com/ Frame 530E 0
0 531ms
188ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=news.itsblossom.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 08:08:31 GMT
server: Kestrel
server-processing-duration-in-ticks: 448703
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 image-o777vaMXfyoyWPmM.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 38 KB
38 KB 438ms
437ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-o777vaMXfyoyWPmM.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f30428eec3f71e0c095f64c26d097de57f0e08dc33e0eb929bda524df2f3cd0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-cache-status: MISS
etag: "fb74a8bef96b937462168f1436dad1b3"
cf-ray: 8d368fbfecab8642-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 39174
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:22 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 /
events3.bqstreamer.com/ 0
391 B 458ms
349ms Ping
text/plain 2606:4700:20::681a:367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events3.bqstreamer.com/
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mLM4yEBoImZ3MXBU9gNtXfX7i8vSXOcxNxVdlSosu1mqHyHf6abUB61n5wePnv12CMmOFM%2FV%2B8KNmJreBP%2BTY6Lt41rbDFJRU%2Bv3Nya09%2FPmolOxoAW7%2FPUsVZDoiXmBmjbMq93bDOzv83rJbc1hcVvis9k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368fc2be7c87b5-PER
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: text/plain
vary: Accept-Encoding
server: cloudflare

GET
H3 200 css2
fonts.googleapis.com/ 10 KB
2 KB 387ms
197ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

a86ef2999a5af962f217a9a65615a898748ee2b90882ef7120a613c20bab2501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Wed, 16 Oct 2024 06:41:28 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 videos Show response
content.voltaxservices.io/playlists/01ekw6mdz1460tdz35/ 3 KB
1 KB 559ms
280ms Fetch
application/json 2600:9000:2083:ac00:1:96ec:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.voltaxservices.io/playlists/01ekw6mdz1460tdz35/videos?url=jvvru%253C11pgyu0kvudnquuqo0eqo1gp1uF%257CJUgzmOQcuiR%253Ah&origin=https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2083:ac00:1:96ec:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f9eedc13e2b65094ae7c6df41e2ed608b6ad3f4ecfcae345eca18ab69d5af2d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=900
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 65c7d0c3355767ac8658c2122c8280b6.cloudfront.net (CloudFront)
restricted-videos-ids
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 752
x-amz-cf-id: crUlzdY9JD-X3ltDZqSZTsyaa5TCmarRy3N7lIEVKI6r8rSADuPu3Q==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: CloudFront
x-amz-cf-pop: SYD1-C1
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 cpm Show response
factor-service.prod.voltaxservices.io/ex/ 95 B
618 B 518ms
272ms Fetch
application/json 2600:9000:2215:ce00:1a:7b6f:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://factor-service.prod.voltaxservices.io/ex/cpm?key=01g6x7v1b2as:au:%2f216255113992699062%2fmm_video_desktop
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:ce00:1a:7b6f:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: cc1d665ea7ac1c2039c9a6cc7aa7d8a90a26bef8922614ca9975960bd7f96ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 112
x-amz-cf-id: XEsFzmGUaH1fWYSa_gqnL6r8BNfceENcq3fL6pp4_B6PMa8HlqYlYg==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 16 Oct 2024 08:08:32 GMT
server: CloudFront
x-amz-cf-pop: SYD62-P2
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 ssps Show response
factor-service.prod.voltaxservices.io/ 2 KB
1008 B 518ms
271ms Fetch
application/json 2600:9000:2215:ce00:1a:7b6f:2940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://factor-service.prod.voltaxservices.io/ssps?mmPlayerLvl1=FLOOR:au:desktop:news.itsblossom.com:chrome:linux::01j29mr1basfsdpgej
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2215:ce00:1a:7b6f:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f1f84f75015d806964ab64f1e1a581b12fc5d9054370ec44bdae64600ac6ef26

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=600
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 0e61cdf08a154ac7d647c2dc742467a6.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 501
x-amz-cf-id: tqqUUkqB8lwX4c5uywGB2WtgmFtSs_a0hwLLAOrJG9vygjAtOvTn6Q==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
last-modified: Wed, 16 Oct 2024 08:08:32 GMT
server: CloudFront
x-amz-cf-pop: SYD62-P2
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 voltax_mp_bridge.html
mp.mmvideocdn.com/mini-player/scripts/ Frame 6F5C 0
0 280ms
92ms Document
text/html 2600:9000:2212:8200:e:8add:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/mini-player/scripts/voltax_mp_bridge.html
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:8200:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 1189978
alt-svc: h3=":443"; ma=86400
cache-control: private, no-store
content-encoding: br
content-type: text/html
date: Wed, 02 Oct 2024 13:35:35 GMT
etag: W/"05385d03c1a1b13348c6ae45a38c2524"
last-modified: Thu, 05 Sep 2024 07:59:30 GMT
server: CloudFront
vary: Accept-Encoding Origin
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-amz-cf-id: 43GTMSm1vKfcV5lsLbafe_rm2oKVc_-Vtr18LlPuX74S3-jPp32a-g==
x-amz-cf-pop: SYD62-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: pROuiWvBbpXDCKItMFRf3Mlg8VpOZCtc
x-cache: Hit from cloudfront

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 2FAA 324 KB
0 0ms
0ms Script
application/javascript 108.158.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-30-125.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"907cbdd883935369790d45cc9bd9e8b7"
age: 552
via: 1.1 80221b5cb6d99c6010a1a445f2ea0f30.cloudfront.net (CloudFront), 1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: S-R7PLLmFpA5o1KC9paXt9YutxseIMs5no13-1vOl-Wwh6V7uEg31Q==
date: Wed, 16 Oct 2024 07:59:19 GMT
content-type: application/javascript
last-modified: Wed, 18 Sep 2024 17:13:23 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P2, SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 2960f87904 Show response
pb-rtd-minutemedia.ccgateway.net/v1.0/realtime/ 379 B
721 B 802ms
320ms Fetch
application/json 35.92.206.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-rtd-minutemedia.ccgateway.net/v1.0/realtime/2960f87904?profile_id=8774333e-c6cb-4b8b-b213-7564197c4509&url=https%253A%252F%252Fnews.itsblossom.com%252Fen%252FsDzHSexkMOasgP8f&context=true&audience=true&deal_ids=true&custom_taxonomy=true
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.92.206.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-92-206-26.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: ca3059eb3823a50467d74f4b9885f726d759e1799dc93b20a95c5cffbf9f3181

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=3600
etag: "379-7cbb034d"
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
content-length: 379
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json; charset=utf-8
vary: Origin

GET
H2 200 454 Show response
a.ad.gt/api/v1/u/matches/ 13 KB
4 KB 479ms
366ms Script
application/javascript 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/454?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&ref=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 131b063816c6c579887fae31835e30f57f90d66b6e0c1e65c9a8aad55d6dcb67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: EXPIRED
cross-origin-resource-policy: cross-origin
cf-ray: 8d368fc4ba9187b8-PER
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 08:08:32 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 prebid Show response
prediction.voltaxam.com/player/creatives/ 30 KB
4 KB 476ms
268ms Fetch
application/json 2600:9000:2212:c200:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prediction.voltaxam.com/player/creatives/prebid
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:c200:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 04be17c7bf6650d3cb52f78bdf904f227fac5b91fba436c59847b02e3a190915

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: u3gltOIX2nWvgkFMtzfG8pzXmBhzlfTVS4dY9pUg_loozmzX8qwxSg==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P1
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
47 KB 101ms
101ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,500,700,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://fonts.googleapis.com/

Response headers

age: 409392
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 11 Oct 2025 14:25:20 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 11 Oct 2024 14:25:20 GMT
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48236
x-xss-protection: 0
server: sffe

POST
H2 200 predict Show response
prediction.voltaxam.com/player/ 245 B
618 B 472ms
268ms Fetch
application/json 2600:9000:2212:c200:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prediction.voltaxam.com/player/predict
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:c200:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0624dc6c81d0fa56d0a3777ed19d0647b08c825942f1b7d8907d783202162446

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 175
x-amz-cf-id: i5wzq9EC6wfLTWn6AUj3gRe07YXdrmJ5pESB-3IhzBY6Oq5hIW8bhw==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P1
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 423 KB
145 KB 593ms
302ms Script
text/javascript 2404:6800:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

653132f05e285c7345994f3ac2b0560261af382c96aac27e55beb31db17cd7de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:33 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147963
date: Wed, 16 Oct 2024 08:08:33 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

POST
H2 200 videos Show response
rtb.voltaxam.com/ 76 B
749 B 472ms
265ms Fetch
application/json 2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos?group=57
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7027dbae67f41fadc9e72c562881a74709445fe9d0e983c208494889950918fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
mm-env: production-ssp
access-control-allow-origin: https://news.itsblossom.com
x-cache: Miss from cloudfront
content-length: 100
x-amz-cf-id: RrWKDUmFM4km02ObEPo-8_XEnPcxRFv-PlEcCk-k_L4nSAgGTNyclA==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P1
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 image-EqY4bRk4KxKhlTaj.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 26 KB
26 KB 410ms
409ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-EqY4bRk4KxKhlTaj.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6062da8471bfc7325b01aee91f4cd691784d52bf89a470b130fe676813bedbe9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-cache-status: MISS
etag: "3f6d9485df8ded3bdbff52dcfa9c02f8"
cf-ray: 8d368fc458768642-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 26368
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 pd
google-bidout-d.openx.net/w/1.0/ Frame 87A6 0
0 390ms
217ms Document
text/html 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 372
content-type: text/html
date: Wed, 16 Oct 2024 08:08:32 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 2FAA 6 KB
3 KB 281ms
94ms XHR
application/javascript 108.158.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-30-125.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 28008
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: LwuUecHIlWji5-MtsgATaM4HJhyNfNgxG2dEbb0zhWCpIp_OMp5qZQ==
date: Wed, 16 Oct 2024 07:10:40 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 435dfd2ccb739fd32ab23d873305cce2.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: SYD3-P2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 95550f43-0974-4ce7-9e2c-9558931ffc50 Show response
config.aps.amazon-adsystem.com/configs/ Frame 2FAA 563 B
830 B 281ms
93ms Script
application/javascript 108.158.32.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/95550f43-0974-4ce7-9e2c-9558931ffc50
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-16.syd3.r.cloudfront.net
Software: CloudFront /
Resource Hash: 090b82a119da991dfb25cf544657685c94b076df21c98c4c6a718cffd4e5b52d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=3600
age: 3394
via: 1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 563
x-amz-cf-id: JrdlNHH5wkCn7JNtQVSvFOCKDsvsm5sAEW1VF6ID8bxybOPOh0xf9Q==
date: Wed, 16 Oct 2024 07:11:58 GMT
content-type: application/javascript
x-amz-cf-pop: SYD3-P2
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 2FAA 3 KB
3 KB 95ms
95ms XHR
application/json 108.158.30.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnews.itsblossom.com&pubid=95550f43-0974-4ce7-9e2c-9558931ffc50
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.30.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-30-125.syd3.r.cloudfront.net
Software: Server /
Resource Hash: 921950e7c750ad2f5d84225a8e721084f5d99012fb1cac54e73a58e6ba075fb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 8657
access-control-allow-credentials: true
via: 1.1 30a845a852b74a2965aabbcb6034301e.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
x-cache: Hit from cloudfront
content-length: 3059
x-amz-cf-id: -lQ9zSw-9P92Sm99hIkxJDwKVAWQvFv4xFnFGOyG4j1tXAf-gBKAWw==
date: Wed, 16 Oct 2024 05:44:15 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: SYD3-P2
server: Server

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 2FAA 23 B
378 B 412ms
221ms XHR
text/javascript 108.158.35.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&pid=jKrkXhukY4E3a&cb=0&ws=0x8&v=24.827.1552&t=5000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22MinuteMediaOutStream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22704x396%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22mobile%22%3A0%2C%22source%22%3A1%2C%22platform%22%3A%7B%22brand%22%3A%22%22%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21kueez.com%2Cbd44ade20c8ba1fefca57b320f325495%2C1%2C%2C%2C&sm=9a10bce2-6081-488f-824c-9624546cb978&pubid=95550f43-0974-4ce7-9e2c-9558931ffc50&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-35-170.syd3.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
x-cache: Miss from cloudfront
content-length: 43
x-amz-cf-id: HqhxRSCOkck9vZrAYmfY_mMwck19YAfQAqPhkw1xpL0FPXvFNTTmlA==
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: SYD3-P2
server: Server

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 141ms
141ms Script
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.139.js

Requested by

Host: static-cdn.kueez.net
URL: https://static-cdn.kueez.net/1d5147c27/assets/common/js/publish/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"653a6f57-17cae"
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Oct 2024 08:08:32 GMT
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: text/javascript
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx

GET
H2 200 ats.js Show response
ats.rlcdn.com/ Frame 2FAA 110 KB
37 KB 303ms
105ms Script
text/javascript 13.35.147.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-103.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
content-encoding: gzip
etag: W/"b248cc9d0fdeb36bdeb7efabad1132ee"
x-amz-version-id: 3aZ5d2fLjOQ6QFd_Uz.oPTkcCqeZ7CeF
age: 32632
via: 1.1 56e3030ee748cd5ccc335e8eb40c7800.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: LOkxIDgUephFaZ3hUZ6E7yj2SwohuOM-gjpAvauufy7Vq-ltIDL8VQ==
date: Tue, 15 Oct 2024 23:04:51 GMT
content-type: text/javascript
last-modified: Thu, 26 Sep 2024 12:57:19 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C1
x-amz-server-side-encryption: AES256

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 2FAA 54 KB
17 KB 290ms
93ms Script
application/javascript 23.198.52.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.198.52.22 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-198-52-22.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=900
content-encoding: gzip
etag: "d734-5f2f3919e751f-gzip"
expires: Wed, 16 Oct 2024 08:23:33 GMT
accept-ranges: bytes
content-length: 17407
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
content-type: application/javascript
server: Apache
vary: Accept-Encoding

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16576/ Frame 2FAA 43 KB
13 KB 103ms
102ms Script
text/javascript 108.158.32.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.32.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-32-44.syd3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

vary: Accept-Encoding
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ad78eaf46246cac6849005eb8b50ae6f"
age: 47304
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: whkgLF9JfYG8KwWbjwNiqCOcI3GVehsK1u6ypHU49HuVjqHuLv3Qig==
date: Tue, 15 Oct 2024 19:00:09 GMT
content-type: text/javascript
last-modified: Tue, 20 Aug 2024 18:47:23 GMT
server: AmazonS3
x-amz-cf-pop: SYD3-P2
x-amz-server-side-encryption: AES256

GET
H2 200 hadron.js Show response
cdn.hadronid.net/ Frame 2FAA 56 KB
12 KB 173ms
59ms Script
application/javascript 2606:4700:10::6816:35ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&_it=amazon&partner_id=521
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:35ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=432000
content-encoding: br
cf-bgj: minify
etag: W/"1e77f38a1df1490d4175e3c4878bd150"
age: 467
cf-cache-status: HIT
x-amz-request-id: 4GNTEWM5RE8S976C
cf-ray: 8d368fc5edb18641-PER
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: application/javascript
last-modified: Tue, 04 Jun 2024 15:30:02 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: 1KYvP1UJui3F3sexSI8Edev0ssCxy0r1hoLYL3sInblmS0xC6TVIxfrJbVQshQPcVtGMRX8qMGE=

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 2FAA 98 KB
29 KB 172ms
62ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-id-2: 36vtc4UZ+x+3AO1VfMsXMqUegBn7WOlZ0OB8DDpNlb7JRlsylw0Dw1BhDGQxtjeQsJHmvowmN0o=
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: public, max-age=3600
content-encoding: br
cf-cache-status: HIT
etag: W/"f24286e1b73c01841e789906d50ce23f"
age: 457
x-amz-request-id: 9YY96PBDF0QYEM2W
cf-ray: 8d368fc5e9d88655-PER
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: text/javascript;charset=utf-8
last-modified: Wed, 02 Oct 2024 12:26:13 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 01gzycae207th3p2tzy7-377bc39c9dc60567e7e04ce48055bcf2.jpg
images2.minutemediacdn.com/image/upload/video/thumbnail/mmsport/01gzycae207th3p2tzy7/ 95 KB
96 KB 331ms
104ms Image
image/jpeg 2600:9000:277a:800:14:3f07:afc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images2.minutemediacdn.com/image/upload/video/thumbnail/mmsport/01gzycae207th3p2tzy7/01gzycae207th3p2tzy7-377bc39c9dc60567e7e04ce48055bcf2.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:277a:800:14:3f07:afc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 97fbdcc705816d4b6fdaeed920cc5b5f506f27bdc2c4c07418698f23994ea20e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

etag: "1f0aeb440b26e3d9846afb34b1bec86c"
surrogate-reporting: width=1920,height=1080,owidth=1920,oheight=1080,obytes=97113
age: 4803521
x-cache: Hit from cloudfront
x-amz-cf-id: DKli25nH7zI8s7gfzrqIBg5LtjaaAYMnkhzNTDzmX9sfW63hLOHyqA==
date: Wed, 21 Aug 2024 17:49:51 GMT
content-type: image/jpeg
x-served-by: cache-lga21961-LGA
x-cache-hits: 0
last-modified: Mon, 08 May 2023 19:21:39 GMT
access-control-allow-headers: X-Requested-With
cache-control: private, max-age=31560000
timing-allow-origin: *
x-timer: S1724262591.270457,VS0,VE206
via: 1.1 7e2fab32e11703f7384de4d8fef36848.cloudfront.net (CloudFront), 1.1 varnish, 1.1 e3f515cf2b40cd90e36f3532dbd8a5ae.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97113
x-amz-cf-pop: SYD3-P1
server: CloudFront

GET
H3 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2
fonts.gstatic.com/s/firasanscondensed/v10/ 22 KB
22 KB 96ms
96ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v10/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fira+Sans+Condensed&family=Poppins:wght@200;500&family=Open+Sans:wght@300..800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://fonts.googleapis.com/

Response headers

age: 46584
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 19:12:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 19:12:08 GMT
last-modified: Thu, 21 Apr 2022 16:50:55 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22768
x-xss-protection: 0
server: sffe

GET
H2 200 01gzycae207th3p2tzy7.m3u8 Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 1 KB
1 KB 386ms
266ms XHR
application/vnd.apple.mpegurl 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b804c068f367686218c1a9b3bfd9199140e67e02de8d139bd42c96e985419f9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "51fcfaccd499e180826a32482d420732"
x-amz-version-id: PaEfsAscGxxD8GG4l5Al1apso5SwFyjA
age: 2458776
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Mon, 08 May 2023 19:23:07 GMT
x-served-by: cache-bfi-krnt7300076-BFI, cache-per12627-PER
x-cache-hits: 4963658, 0
content-type: application/vnd.apple.mpegurl
x-amz-id-2: 3T1qJhX+4gUyYjg8WWNfKQIRpkvuby0AcR6kUndBrytv9fc2xqUQ/TmDgUMUA05WEu6h9ywEmmQ=
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066113.029389,VS0,VE217
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: EPNKTT9VAER6VJ2C
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1080
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 01gzycae207th3p2tzy7.vtt
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/ 9 KB
10 KB 381ms
264ms TextTrack
text/vtt 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/01gzycae207th3p2tzy7.vtt
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81d8d52425f6249efc8c51d5cc51cd890c7234279586fdf1d863a207fa71a598

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://news.itsblossom.com
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "a469c1fbe6636fdebef41e06f8e94163"
x-amz-version-id: MWvu5UgDr4tu2uGytK5J8YKiWYbKCCYI
age: 47543
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Tue, 09 May 2023 09:30:13 GMT
x-served-by: cache-bfi-krnt7300095-BFI, cache-per12627-PER
x-cache-hits: 71739, 0
content-type: text/vtt
x-amz-id-2: v1cvCPIKi4qs9M7GZCPk+JrRLmiYKWA0t4ic1sMabrAneN1WZ15tmsuz6Kg7mvPvbmuVMHMlByNO367DiCBmtg==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066113.029453,VS0,VE217
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: EPNX9KXHBSRQGGEP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9572
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 ads Show response
selector.voltaxam.com/ 126 B
621 B 463ms
265ms Fetch
application/json 108.158.20.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-100.syd62.r.cloudfront.net
Software: /
Resource Hash: 4bd0dc07fd8484c9cb6b0aa330cfe35bda22799520f74065c7a3f355e72f0baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 136
x-amz-cf-id: f1AORs5XU_zGMGLRWudWqGvgF9QQQCSWWJGSdj9nQEkY7M4mXHaQ1A==
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P3
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

OPTIONS
H2 200 hadron.json
id.hadron.ad.gt/v1/ Frame 0
0 357ms
246ms Preflight
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=521&sync=0&domain=news.itsblossom.com&url=about:blank
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
allow: POST, OPTIONS, GET
cf-cache-status: DYNAMIC
cf-ray: 8d368fc70a878ac7-PER
content-length: 0
content-type: application/json
date: Wed, 16 Oct 2024 08:08:33 GMT
debug: OPTIONS block
server: cloudflare

GET
H2 200 hadron.json Show response
id.hadron.ad.gt/v1/ Frame 2FAA 124 B
282 B 250ms
250ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=521&sync=0&domain=news.itsblossom.com&url=about:blank
Requested by: Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&_it=amazon&partner_id=521
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c54e3f3853e206bba65ac32fed392fc8771ba88a986a9e3ac079554e758a251

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
debug: NON-OPTIONS
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
cf-ray: 8d368fc89c168ac7-PER
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json
server: cloudflare
access-control-allow-headers: authorization,content-type

GET
H2 200 publishertag.prebid.139.js Show response
static.criteo.net/js/ld/ 95 KB
0 0ms
0ms XHR
text/javascript 2406:2600:7:100::1
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software: nginx /
Resource Hash: 139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=86400, public
timing-allow-origin: *
content-encoding: gzip
etag: W/"653a6f57-17cae"
cross-origin-resource-policy: cross-origin
expires: Thu, 17 Oct 2024 08:08:32 GMT
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:32 GMT
content-type: text/javascript
last-modified: Thu, 26 Oct 2023 13:53:27 GMT
server: nginx

GET
H2 200 image-OlUXKYc7bd4Ai75M.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 25 KB
25 KB 454ms
454ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-OlUXKYc7bd4Ai75M.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d7a6d697fe3aefd40dd8d1ba39ca7fdc2104a2b5734262f7ad0e66f35d323ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-cache-status: MISS
etag: "82be272e7518cf913ea0d9556bb77034"
cf-ray: 8d368fc6faea8642-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 25930
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:21 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 204 page_load
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ Frame 0
0 711ms
234ms Preflight 54.213.2.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/page_load
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.213.2.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-2-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods: POST
access-control-allow-origin: https://news.itsblossom.com
access-control-max-age: 86400
date: Wed, 16 Oct 2024 08:08:33 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 page_load Show response
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 59 B
222 B 237ms
236ms Fetch
application/json 35.92.206.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/page_load
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.92.206.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-92-206-26.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c79893583afa9916d453aba170a250b2e2a5e93dd031de31892efe7c40ec4843

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
content-length: 59
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
361 B 306ms
99ms Fetch
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 116e39f16808341ff98b9be5aa263f143a2e715be5da91f725bfc7b7d0881dc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: 0
access-control-allow-origin: https://news.itsblossom.com
content-length: 174
x-prebid: pbs-java/3.13.0
content-type: application/json
vary: origin

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 577 B
1 KB 266ms
265ms Fetch
application/json 103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e8021102e2b0e031a8a16e11238d9a221c43fbf04df980a2c6a889020bc10709

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
an-x-request-uuid: c194af63-c377-4b5d-be76-a476dd7c9f51
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:33 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 560 B
709 B 383ms
175ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

bf56a8ee61466025da3c91251cec9752d81cf8d7f97be0530803b00090e2b971

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 344
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 524 B
714 B 471ms
263ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

dfc11fab2f8242016cb03f4f75a1ca60e803adcbfc7c5c3bfd17fc489a2c0b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 349
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 814 B
797 B 383ms
176ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e10045cb5eb314fc19c1311ed506fc9c4914b1e076e27400d99a06576b2d60dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 431
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 605 B
776 B 465ms
257ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

8f01b38fa7dd98a076abd34c7e465050b3bd5eee05d853f87492bb4110c43ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 411
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 484 B
655 B 381ms
175ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

76310d6cf129e2f674d262ece1ab3f1651dc179e2220c350782ac22751ac6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 290
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 104ms
101ms Fetch 67.199.150.87
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:33 GMT
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
555 B 179ms
175ms Fetch
application/json 51.79.154.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

OPTIONS
H2 200 01jaa5y5y97rtgk9sbswv6agp1
rtb.voltaxam.com/videos/ Frame 0
0 266ms
265ms Preflight
application/json 2600:9000:2212:c200:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:c200:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: mmtarget
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
access-control-allow-methods: PUT, POST, DELETE, PATCH
access-control-allow-origin: https://news.itsblossom.com
content-length: 122
content-type: application/json; charset=utf-8
date: Wed, 16 Oct 2024 08:08:33 GMT
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
x-amz-cf-id: vQfO8BTAT4WzuAz2WXt1w4CBFyCeFlqGSzZcAClZzVNhOAZSnLeStQ==
x-amz-cf-pop: SYD62-P1
x-cache: Miss from cloudfront

POST
H2 200 01jaa5y5y97rtgk9sbswv6agp1 Show response
rtb.voltaxam.com/videos/ 134 B
697 B 368ms
366ms Fetch
application/json 2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8fe73f4cb70999c58343d9b12bfab837820976ac9cebf4e4c4c87e06323cf1ed

Request headers

mmtarget: production-ssp
Referer: https://news.itsblossom.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-methods: PUT, POST, DELETE, PATCH
x-cache: Miss from cloudfront
x-amz-cf-id: 2wqC2WwvXLtfzJ9ISVEapMdKzt8VCp_NK5f8iF9nWPE6Ea6V68QlmQ==
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
cache-control: private,no-store
access-control-allow-credentials: true
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
content-length: 139
x-amz-cf-pop: SYD62-P1

GET
H2 200 cookie_sync.js Show response
mp.mmvideocdn.com/cookie-sync/ 11 KB
3 KB 95ms
94ms Script
application/x-javascript 2600:9000:2212:3600:e:8add:c340:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.mmvideocdn.com/cookie-sync/cookie_sync.js
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:3600:e:8add:c340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e2b4b8230cfee61662e1e7a6bbda22198e1926580b400eb726fbd9178ddb28c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
x-amz-version-id: MK6qusXI4bIljpNmzG9K4YUDxjWHvjrI
etag: W/"8cf6e6973e0f803d587625a86c383fa9"
age: 593074
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: T3Rc_OJsZyLfpcFlVupIjF158xAhydoEy6cQjLKZGNrD_nG1DUzlvw==
date: Wed, 09 Oct 2024 11:24:00 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
last-modified: Wed, 09 Oct 2024 11:23:56 GMT
cache-control: private, no-store
via: 1.1 2232887ba0422bbe2b2a9f1ebf020f00.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
server: CloudFront
x-amz-server-side-encryption: AES256

GET
H2 200 454 Show response
p.ad.gt/api/v1/p/ 55 KB
19 KB 179ms
66ms Script
application/javascript 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/454
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/454?url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b26646b4d9dc7719d7e504ee17c4cafcca7c7a1be96a63a7f6d370b348f2376b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
cf-cache-status: HIT
age: 230
cf-ray: 8d368fc809c087be-PER
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 08:03:27 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 202 halo_match
ids.ad.gt/api/v1/ 43 B
148 B 713ms
238ms Image
image/gif 34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&halo_id=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/gif
server: nginx/1.27.1

GET
H2 200 ip_match
ids.ad.gt/api/v1/ 0
191 B 713ms
238ms Image
text/html 34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-length: 0
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&adnxs_id=$UID&gdpr=0
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&adnxs_id=1470867526730679273&gdpr=0

43 B
143 B

450ms
241ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&adnxs_id=1470867526730679273&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&adnxs_id=1470867526730679273&gdpr=0
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 864df874-7879-41b9-b397-afcc22c77018
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:33 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729066113-RW8U20VP-7TQL&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001729066113-RW8U20VP-7TQL&gdpr=0
https://ids.ad.gt/api/v1/t_match?tdid=d001ba32-7b2e-44c7-9ae9-462456187448&id=AU1D-0100-001729066113-RW8U20VP-7TQL

43 B
143 B

341ms
239ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=d001ba32-7b2e-44c7-9ae9-462456187448&id=AU1D-0100-001729066113-RW8U20VP-7TQL
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

location: https://ids.ad.gt/api/v1/t_match?tdid=d001ba32-7b2e-44c7-9ae9-462456187448&id=AU1D-0100-001729066113-RW8U20VP-7TQL
content-length: 259
date: Wed, 16 Oct 2024 08:08:33 GMT
server: Kestrel

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729066113-RW8U20VP-7TQL
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001729066113-RW8U20VP-7TQL
https://ids.ad.gt/api/v1/pbm_match?pbm=07C8E0F4-267D-4F22-8720-365BFFCD3A57&id=AU1D-0100-001729066113-RW8U20VP-7TQL

43 B
143 B

279ms
240ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=07C8E0F4-267D-4F22-8720-365BFFCD3A57&id=AU1D-0100-001729066113-RW8U20VP-7TQL
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-store, no-cache, private
location: https://ids.ad.gt/api/v1/pbm_match?pbm=07C8E0F4-267D-4F22-8720-365BFFCD3A57&id=AU1D-0100-001729066113-RW8U20VP-7TQL
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 16 Oct 2024 08:08:33 GMT
server: nginx

GET
H2

200

rub_match
ids.ad.gt/api/v1/
Redirect Chain

https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001729066113-RW8U20VP-7TQL&gdpr=0
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&rub=M2BLBIAL-A-9ZFL&gdpr=0

43 B
143 B

508ms
470ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&rub=M2BLBIAL-A-9ZFL&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
Location: https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&rub=M2BLBIAL-A-9ZFL&gdpr=0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Pragma: no-cache
content-length: 0

GET
H2

200

tapad_match
ids.ad.gt/api/v1/
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3185&partner_device_id=AU1D-0100-001729066113-RW8U20VP-7TQL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729066113...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3185&partner_device_id=AU1D-0100-001729066113-RW8U20VP-7TQL&partner_url=https://ids.ad.gt%2Fapi%2Fv1%2Ftapad_match%3Fid%3DAU1D-0100-001729...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=198cd94c-4256-4cca-a638-2ca68b26c2d0%252Chttps%25253A%25252F%25252Fids.ad.gt%25252Fapi%25252Fv1%25252Ftapad_match%25253Fi...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d001ba32-7b2e-44c7-9ae9-462456187448&ttd_puid=198cd94c-4256-4cca-a638-2ca68b26c2d0%2Chttps%253A%252F%252Fids.ad.gt%252Fap...
https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&tapad_id=198cd94c-4256-4cca-a638-2ca68b26c2d0

43 B
143 B

237ms
237ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&tapad_id=198cd94c-4256-4cca-a638-2ca68b26c2d0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

strict-transport-security: max-age=31536000
location: https://ids.ad.gt/api/v1/tapad_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&tapad_id=198cd94c-4256-4cca-a638-2ca68b26c2d0
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 16 Oct 2024 08:08:34 GMT
server: Jetty(11.0.13)

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001729066113-RW8U20VP-7TQL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=AU1D-0100-001729066113-RW8U20VP-7TQL&google_tc=
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&google_gid=CAESEPclGzx7E95ezIx2GyqImAg&google_cver=1&google_ula=450542624,0

43 B
143 B

236ms
236ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&google_gid=CAESEPclGzx7E95ezIx2GyqImAg&google_cver=1&google_ula=450542624,0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-cache, must-revalidate
location: https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&google_gid=CAESEPclGzx7E95ezIx2GyqImAg&google_cver=1&google_ula=450542624,0
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 357
date: Wed, 16 Oct 2024 08:08:33 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H2

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001729066113-RW8U20VP-7TQL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTA2NjExMy1SVzhVMjBWUC03VFFM

170 B
243 B

196ms
194ms

Image
image/png

172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTA2NjExMy1SVzhVMjBWUC03VFFM

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 16 Oct 2024 08:08:33 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTcyOTA2NjExMy1SVzhVMjBWUC03VFFM
content-length: 453
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: text/html; charset=utf-8
server: nginx/1.27.1

GET
H2

200

impr_match
ids.ad.gt/api/v1/
Redirect Chain

https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729066113-RW8U20VP-7TQL%26impr_uid%3D%7BPUB_USER_ID%7D
https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001729066113-RW8U20VP-7TQL%26impr_uid%3D%7BPUB_USER_ID%7D
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&impr_uid=5d4f086c-6050-4cda-898d-8387d833bbd1

43 B
143 B

236ms
236ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&impr_uid=5d4f086c-6050-4cda-898d-8387d833bbd1
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

access-control-allow-origin: *
location: https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&impr_uid=5d4f086c-6050-4cda-898d-8387d833bbd1
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: text/plain

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=AU1D-0100-001729066113-RW8U20VP-7TQL
https://ids.ad.gt/api/v1/ppnt_match?uid=8TwRbhWzax86&ev=1&pid=562316&id=AU1D-0100-001729066113-RW8U20VP-7TQL

43 B
143 B

237ms
236ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=8TwRbhWzax86&ev=1&pid=562316&id=AU1D-0100-001729066113-RW8U20VP-7TQL
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:35 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: private, max-age=0, no-cache, no-store
location: https://ids.ad.gt/api/v1/ppnt_match?uid=8TwRbhWzax86&ev=1&pid=562316&id=AU1D-0100-001729066113-RW8U20VP-7TQL
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-776965f755-8fcvb
expires: -1
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-AU
server: Jetty(10.0.14)

GET
H2

200

son_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&uid=[UID]&gdpr=0
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&uid=b6973e9b-cda6-4cd5-bd07-3def60a671fe&gdpr=0

43 B
143 B

237ms
236ms

Image
image/gif

34.209.246.226
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&uid=b6973e9b-cda6-4cd5-bd07-3def60a671fe&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.209.246.226 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-209-246-226.us-west-2.compute.amazonaws.com
Software: nginx/1.27.1 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache
content-length: 43
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: image/gif
server: nginx/1.27.1

Redirect headers

cache-control: no-cache, no-store, private
location: https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001729066113-RW8U20VP-7TQL&uid=b6973e9b-cda6-4cd5-bd07-3def60a671fe&gdpr=0
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Oct 2024 08:08:34 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-lax-1-5-121
x-xss-protection: 0

GET
H2 200 / Show response
geo.privacymanager.io/ Frame 2FAA 30 B
627 B 904ms
299ms Fetch
application/json 3.168.86.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.168.86.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-168-86-71.sfo5.r.cloudfront.net
Software: /
Resource Hash: 52024c00d02e08cceb375c074033497d177dc505d8f051268705ce6c41a25ed7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

x-amz-apigw-id: fr8EQG5FDoEEbLg=
age: 78848
x-amzn-trace-id: Root=1-670e4081-070809f55a60182a55636ff6;Parent=678d7bf83e642243;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: 298bf5b4-2a15-4d02-9d4b-768955fc07d4
via: 1.1 6b195068aea9dae53cab6ca0716fb2f6.cloudfront.net (CloudFront), 1.1 706d44cf645fa513dc870a95865811d8.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 30
x-amz-cf-id: _qk1mcvmu_qT50FzOOTlg6buL2mLtPzkZe99DqXBA0_TkslQ87P6Cg==
date: Tue, 15 Oct 2024 10:14:25 GMT
content-type: application/json
x-amz-cf-pop: SFO53-P6, SFO5-P3
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 /
onetag-sys.com/usync/ Frame C839 0
0 279ms
96ms Document
text/html 51.79.152.76
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=7e42d776fe3e25a&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/cookie-sync/cookie_sync.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.152.76 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip76.ip-51-79-152.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 1443
content-type: text/html
strict-transport-security: max-age=15552000

GET
H2 200 usync.html
eus.rubiconproject.com/ Frame 6453 0
0 285ms
93ms Document
text/html 23.221.133.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=minute_media_01&endpoint=us-west
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/cookie-sync/cookie_sync.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.221.133.65 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-221-133-65.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 224
content-type: text/html; charset=UTF-8
date: Wed, 16 Oct 2024 08:08:33 GMT
etag: "2052a-10d-6142d69a886c0"
last-modified: Thu, 21 Mar 2024 15:32:19 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://secure.adnxs.com/getuid?https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&xandr_uid=$UID&gdpr=0&gdpr_consent=&us_privacy=
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&xandr_uid=1470867526730679273&gdpr=0&gdpr_consent=&us_privacy=

0
484 B

267ms
266ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&xandr_uid=1470867526730679273&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 1UfltkHQQ7q9CV2wo0gBh2nVBYqjHcezuf8pOfeMSu8QxGd0cp21JA==
date: Wed, 16 Oct 2024 08:08:34 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

cache-control: no-store, no-cache, private
location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&xandr_uid=1470867526730679273&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: a2dcf223-37d4-4f76-a663-3ecf5a8de816
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:34 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26triplelift_uid%3D$UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26triplelift_uid%3D%24UID
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&triplelift_uid=2099701292308855099479

0
484 B

267ms
267ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&triplelift_uid=2099701292308855099479
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Wmc4EbkCkhv_oMz9z4cblpghwEtIgnI7P5BlFecJKtk1SDnckNEetA==
date: Wed, 16 Oct 2024 08:08:34 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

cache-control: no-cache, no-store, must-revalidate
location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&triplelift_uid=2099701292308855099479
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 16 Oct 2024 08:08:34 GMT

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://sync.go.sonobi.com/us?gdpr=0&consent_string=&us_privacy=&loc=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26sonobi_uid%3D%5BUID%5D
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sonobi_uid=ac4939f3-47c1-48d8-86d5-07e973bce8d9

0
485 B

267ms
267ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sonobi_uid=ac4939f3-47c1-48d8-86d5-07e973bce8d9
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Eh68z2jkjJMi_751qaut9Jyv9Q-Lh5eSITigmO1Qy1xWoCfrX-KKkQ==
date: Wed, 16 Oct 2024 08:08:34 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

cache-control: no-cache, no-store, private
location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sonobi_uid=ac4939f3-47c1-48d8-86d5-07e973bce8d9
pragma: no-cache
expires: Sat, 26 Jul 1997 05:00:00 GMT
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date: Wed, 16 Oct 2024 08:08:34 GMT
tcn: Choice
content-type: text/plain; charset=utf8
vary: negotiate,Accept-Encoding
server: sonobi-go
x-go-server: go-lax-1-5-30
x-xss-protection: 0

GET

user_sync.html
ads.pubmatic.com/AdServer/js/
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=163062&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D163062%26pmc%3DPM_PMC%26pr%3Dhttps%253A%2...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDdDOEUwRjQtMjY3RC00RjIyLTg3MjAtMzY1QkZGQ0QzQTU3&gdpr=0&gdpr_consent=&google_cm
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKylfIG6Hy7AxOmL-phcKJQ&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=B8jg9CZ9TyKHIDZb_806Vw%3D%3D&gdpr=0&gdpr_consent=&google_cm
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEI_uuyqyEWEOfhQo6IH-bkE&google_cver=1

0
0

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26sovrn_uid%3D%24UID
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sovrn_uid=JgUoABZHn8BW5yWCRZSYn8WU

0
485 B

268ms
267ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sovrn_uid=JgUoABZHn8BW5yWCRZSYn8WU
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: P2lv2_MtE0A2B_TKw3XV6DOcDk8oWxEquxeNpGjgw95YABARA-dHTA==
date: Wed, 16 Oct 2024 08:08:33 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&sovrn_uid=JgUoABZHn8BW5yWCRZSYn8WU
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Oct 2024 08:08:33 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=196326&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26ix_uid%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26ix_uid%3D&gdpr=0&gdpr_consent=&s=196326&us_privacy=&C=1
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&ix_uid=Zw90gosFVUMAAAXTAFxpVQAA%264747

0
484 B

267ms
266ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&ix_uid=Zw90gosFVUMAAAXTAFxpVQAA%264747
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: SiWm0_kuiVe1Bgjjn9-yz_RlnQmssBOmLLqYhYtCB-fAofDrkO0rRA==
date: Wed, 16 Oct 2024 08:08:34 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

cache-control: no-cache
location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&ix_uid=Zw90gosFVUMAAAXTAFxpVQAA%264747
cf-cache-status: DYNAMIC
pragma: no-cache
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3xfIEUTu7T6QvxpaepBv5J6EoCdP1Su6NB7IW8ZpxGYtYAxKRX6zt7b%2B0RcYzO3ylTy5EiiHd3lpIM%2Be%2FqVIU8kTtzCzR6Iw4z58WW5TdxkNaGHpI53WZ3nn2xK0WE6XoBLJekvB28bJow%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368fcebca47380-PER
expires: 0
alt-svc: h3=":443"; ma=86400
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date: Wed, 16 Oct 2024 08:08:34 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2

200

cookie
cm.adform.net/
Redirect Chain

https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26adaptmx_uid%3D
https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%...
https://prebid.a-mo.net/cchain/0/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=appnexus&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sd...
https://rtb.openx.net/sync/prebid?&gdpr=0&us_privacy=1---&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-...
https://prebid.a-mo.net/cchain/1/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=openx&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4...
https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%2...
https://prebid.a-mo.net/cchain/2/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=index_rtb&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9s...
https://id.a-mx.com/u?&gdpr=0&us_privacy=1---&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-5...
https://prebid.a-mo.net/cchain/4/8782?gpp=&gdpr_consent=&gdpr=0&gpp_sid=&us_privacy=&A=555df71d-e616-4de5-b020-53af6b59a098&bidder=amx_com&cbx=aHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdG...
https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d...

35 B
474 B

1334ms
339ms

Image
image/gif

37.157.2.229
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D%24UID
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 37.157.2.229 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-max-age: 86400
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: image/gif
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

Redirect headers

cache-control: max-age=0, private, must-revalidate
location: https://cm.adform.net/cookie?&gdpr=0&us_privacy=1---&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F5%2F8782%3Fgpp%3D%26gdpr_consent%3D%26gdpr%3D0%26gpp_sid%3D%26us_privacy%3D%26A%3D555df71d-e616-4de5-b020-53af6b59a098%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9ydGIudm9sdGF4YW0uY29tL2Nvb2tpZVN5bmM_dm9sdGF4UlRCVXNlcklEPTAxamFhNXk1eTk3cnRnazlzYnN3djZhZ3AxJmFkYXB0bXhfdWlkPQ%253D%253D%26uid%3D%24UID
content-length: 0
date: Wed, 16 Oct 2024 08:08:35 GMT
x-envoy-upstream-service-time: 2
vary: accept-encoding
server: envoy

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://ads.yieldmo.com/pbsync?is=MMED_Voltax&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26yieldmo_uid%3...
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&yieldmo_uid=VeyIvMM6r5MpMECoCAq9&gdpr=0&gdpr_consent=&us_privacy=

0
484 B

268ms
268ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&yieldmo_uid=VeyIvMM6r5MpMECoCAq9&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: 6kFTMgl5M7_SpmjuUkab0Qa6l2MW18rS7OHI3bfoQijPfVtZikcpVw==
date: Wed, 16 Oct 2024 08:08:34 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&yieldmo_uid=VeyIvMM6r5MpMECoCAq9&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: application/json;charset=utf-8
access-control-allow-headers: Cache-Control, Pragma, *

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://csync.loopme.me/?pubid=11586&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26loopme_uid%3D%7Bviewer_to...
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&loopme_uid=577f409b-003d-450c-a2e8-f945e76bfeae&us_privacy=null&gdpr_consent=null&gdpr=0

0
485 B

611ms
610ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&loopme_uid=577f409b-003d-450c-a2e8-f945e76bfeae&us_privacy=null&gdpr_consent=null&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: -AeV4lCb8uruGF2JQqE-fdZpGSSa0oWyzzcchRwprZkRACpdRkCy2w==
date: Wed, 16 Oct 2024 08:08:35 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&loopme_uid=577f409b-003d-450c-a2e8-f945e76bfeae&us_privacy=null&gdpr_consent=null&gdpr=0
content-length: 0
date: Wed, 16 Oct 2024 08:08:35 GMT
server: _

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://cs.admanmedia.com/sync/minute_media?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26acuityads_uid%3D%5BUI...
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&acuityads_uid=4fe2a539-ff2a-4cb8-8f56-2bacc1417a2c

0
485 B

269ms
268ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&acuityads_uid=4fe2a539-ff2a-4cb8-8f56-2bacc1417a2c
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: bK4QjLH77TLh-tI-zq4O5IgeeprN-MKmpACVs5oexaGFZnBUm0R6ng==
date: Wed, 16 Oct 2024 08:08:35 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&acuityads_uid=4fe2a539-ff2a-4cb8-8f56-2bacc1417a2c
Pragma: no-cache
Connection: keep-alive
Expires: 0
Content-Length: 0
Date: Wed, 16 Oct 2024 08:08:35 GMT
Server: nginx

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=sportority&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26unruly_uid%3D...
https://sync.1rx.io/usersync2/rmpssp?sub=sportority&zcc=1&redir=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26unruly_uid%3D%5BRX_UUID%5D&cb=1729066115819
https://ad.turn.com/r/cs?pid=45&id=RX-9e7e8cfc-6966-4f81-bc8c-0aa35b2403bc-004&rndcb=3152199219
https://sync.1rx.io/usersync/turn/2423178748706267666?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D175kELn9xvfXoe3C4qjRaWS8%26source_user_...
https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

68 B
323 B

95ms
94ms

Image
image/png

54.169.228.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Wed, 16 Oct 2024 08:08:39 GMT
etag: RXd8b0c28021784217a6f1b23d7e0a12c4004
content-type: text/html

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=6667519e-f89c-40a7-9fb6-e7217998098f&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26...
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&openx_uid=4d6d2dac-987f-4417-9371-85fb5ac417c3

0
486 B

618ms
617ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&openx_uid=4d6d2dac-987f-4417-9371-85fb5ac417c3
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: oYOE7Uf3_-d3H968uuaOhqQJIYFNNx7yzZ46gaP6jMd9wPHmqzMm6A==
date: Wed, 16 Oct 2024 08:08:35 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&openx_uid=4d6d2dac-987f-4417-9371-85fb5ac417c3
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://cs.media.net/cksync.php?cs=81&type=vol&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26medianet_uid%3D%3Cvsid%3E
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&medianet_uid=3720677159035665000V10

0
485 B

268ms
268ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&medianet_uid=3720677159035665000V10
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Xsop_rIeSAhmhm5oeNnNrf6Divn5qSeA6OylYKDuOw-TvLkR3q8OJA==
date: Wed, 16 Oct 2024 08:08:35 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&medianet_uid=3720677159035665000V10
Timing-Allow-Origin: *
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 16 Oct 2024 08:08:35 GMT
x-mnet-hl2: E
Content-Length: 154
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Date: Wed, 16 Oct 2024 08:08:35 GMT
Content-Type: text/html
Server: Apache

GET
H2

204

cookieSync
rtb.voltaxam.com/
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=129&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Frtb.voltaxam.com%2FcookieSync%3FvoltaxRTBUserID%3D01jaa5y5y97rtgk9sbswv6agp1%26smartadserver_u...
https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&smartadserver_uid=5626527542043584697

0
485 B

612ms
612ms

Image
text/plain

2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&smartadserver_uid=5626527542043584697
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-credentials: true
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Sll2aSxOnsCf5Db0XGN7TL-yGjlpCdTH6UeTotHKrWL9EkpH0m8BrA==
date: Wed, 16 Oct 2024 08:08:35 GMT
x-amz-cf-pop: SYD62-P1
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

Redirect headers

date: Wed, 16 Oct 2024 08:08:34 GMT
location: https://rtb.voltaxam.com/cookieSync?voltaxRTBUserID=01jaa5y5y97rtgk9sbswv6agp1&smartadserver_uid=5626527542043584697
content-length: 0

GET
H2 200 01gzycae207th3p2tzy7_270p.m3u8 Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 7 KB
7 KB 264ms
264ms XHR
application/vnd.apple.mpegurl 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_270p.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 69be017daf20c595f7ea82fe6cca020bcd57b3948461bf164566bbe4109a5e03

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "5095c21c28805833e3c06b2bf003557d"
x-amz-version-id: JjEnvtyutCQe2qv3IzAmZR52nHkNNmPv
age: 1872728
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Mon, 08 May 2023 19:21:29 GMT
x-served-by: cache-bfi-krnt7300085-BFI, cache-per12627-PER
x-cache-hits: 2608750, 0
content-type: application/vnd.apple.mpegurl
x-amz-id-2: yAWNUXjN4tagIIAL6votlypXElkqF4j9/8rJwHWAPKZ+N7903q2foyJseEksmCe4KReeFm94MfNlKyG6JyxP5Q==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066113.303911,VS0,VE216
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: ZSFNGXXKPTT68TMD
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6875
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 01gzycae207th3p2tzy7.webvtt.m3u8 Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 155 B
562 B 267ms
267ms XHR
binary/octet-stream 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7.webvtt.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a893bafdaec7865c12a18e3a82bfed1ac558be37a1c45aa75936cab98214dc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "abf7b7db7c2db441dfbc0ab660e7796d"
x-amz-version-id: 508zrlMgk4l2u7IL4u8HePVtGzlaDBAb
age: 1872728
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Mon, 08 May 2023 19:23:07 GMT
x-served-by: cache-bfi-krnt7300085-BFI, cache-per12627-PER
x-cache-hits: 3147031, 0
content-type: binary/octet-stream
x-amz-id-2: B446jEUW35VI+bzzKFaGieyIm223pSJ6EnvdJU4FQUuP4jMxtXM3J4T0/wTnjWQZKlr0JbKSaPI=
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066113.304850,VS0,VE216
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: ZSFPEDR7J4XA6YYB
accept-ranges: bytes
access-control-allow-origin: *
content-length: 155
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 382ms
97ms Script
text/javascript 2404:6800:4006:814::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::200e Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: gzip
age: 3159
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 09:15:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 07:15:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 264 KB
93 KB 207ms
206ms Script
application/javascript 2404:6800:4006:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:811::2008 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb39709b3737f014ab48d5392f7fa7853741a6d1c3f92ea8925e03b38f78dd8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Wed, 16 Oct 2024 08:08:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 95013
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H2 200 dec
p.ad.gt/api/v1/ Frame 0
0 422ms
326ms Preflight
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/dec
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://news.itsblossom.com
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d368fc918c77382-PER
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 08:08:33 GMT
server: cloudflare
vary: Origin

OPTIONS
H2 200 match
seg.ad.gt/api/v2/ Frame 0
0 443ms
329ms Preflight 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
allow: POST
cf-cache-status: DYNAMIC
cf-ray: 8d368fc93cbb8655-PER
date: Wed, 16 Oct 2024 08:08:33 GMT
server: cloudflare
vary: origin, access-control-request-method, access-control-request-headers

POST
H2 204 collect Show response
a.ad.gt/api/v1/ 0
96 B 343ms
342ms XHR
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/collect
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cf-ray: 8d368fc88e5f87b8-PER
access-control-allow-origin: https://news.itsblossom.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 08:08:33 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
89 B 443ms
329ms Script
text/plain 2606:4700:10::6816:445
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=eecbee50406043676dbae1e7ee42c39c&url=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cf-ray: 8d368fd4fef68658-PER
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 08:08:35 GMT
server: cloudflare

POST
H2 204 dec Show response
p.ad.gt/api/v1/ 0
57 B 329ms
328ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/dec
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

cf-ray: 8d368fcb2a8f7382-PER
access-control-allow-origin: https://news.itsblossom.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 08:08:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

POST
H2 200 match Show response
seg.ad.gt/api/v2/ 4 KB
395 B 334ms
332ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v2/match
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b16f54285d14b00c38628a019a6bad61daf89623464a4ba71c3a0e07a9ff823

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
content-encoding: br
cf-cache-status: DYNAMIC
cf-ray: 8d368fcb4ef78655-PER
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: application/json
vary: origin, access-control-request-method, access-control-request-headers, accept-encoding
server: cloudflare

GET
H2 200 segments Show response
seg.ad.gt/api/v1/ 16 B
138 B 447ms
334ms XHR
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://seg.ad.gt/api/v1/segments?url=https%253A%252F%252Fnews.itsblossom.com%252Fen%252FsDzHSexkMOasgP8f&partner_id=454&tagger_id=eecbee50406043676dbae1e7ee42c39c&au_id=AU1D-0100-001729066113-RW8U20VP-7TQL
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cf-cache-status: DYNAMIC
access-control-allow-credentials: true
cf-ray: 8d368fc93cba8655-PER
access-control-allow-origin: https://news.itsblossom.com
content-length: 16
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H2 200 bounce Show response
id5-sync.com/ Frame 2FAA 29 B
457 B 975ms
321ms Fetch
text/plain 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/bounce

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: text/plain;charset=utf-8
vary: Origin

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ Frame 2FAA 56 B
302 B 982ms
324ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

64990fa5f64f060db8892ec3c3936e418813a9dbc53450336c542c3f3c8ee765

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 371 B
136 B 844ms
652ms XHR
application/json 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

cafe /

Resource Hash

aa1093ddd9a39cda81dfeffe179c1e9be0e2838426d96f208e351ac9ddd03810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:34 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 111
date: Wed, 16 Oct 2024 08:08:34 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 bridge3.672.0_en.html
imasdk.googleapis.com/js/core/ Frame A860 0
0 382ms
95ms Document
text/html 2404:6800:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.672.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:80f::200a Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 53117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257608
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 17:23:16 GMT
expires: Wed, 15 Oct 2025 17:23:16 GMT
last-modified: Tue, 08 Oct 2024 19:19:58 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 569ms
279ms Script
text/javascript 2404:6800:4006:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:809::2006 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:08:35 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Wed, 16 Oct 2024 08:08:35 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FBE4 40 KB
14 KB 293ms
98ms Script
text/javascript 142.250.204.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.204.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f2.1e100.net

Software

sffe /

Resource Hash

5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 3002
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Wed, 16 Oct 2024 08:18:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 07:18:33 GMT
last-modified: Thu, 11 Apr 2024 19:10:13 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 13943
x-xss-protection: 0
server: sffe

GET
H2 200 01gzycae207th3p2tzy7_270p_00001.ts Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 169 KB
170 KB 280ms
279ms XHR
video/mp2t 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_270p_00001.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 891bfc3e83ff26166268ffb991a2ed89b8edcce81313518f6076f95632621a9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "bca18fd689de1c02d18944f3c3b50b73"
x-amz-version-id: L7igUfXn.6As1TOvfrBOt8UugAewIeJF
age: 1943647
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Mon, 08 May 2023 19:17:08 GMT
x-served-by: cache-bfi-krnt7300117-BFI, cache-per12627-PER
x-cache-hits: 3023231, 0
content-type: video/MP2T
x-amz-id-2: ICIcwrMskOeEzqUXP5wDUivLBc8doDynfLBOVoq/1IJRHOtLJlCj0byNs/9KP02VRMOo8FjKH1GadBhvZIz5CQ==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066114.607074,VS0,VE230
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: ZSFHG7TS3TFGEEM4
accept-ranges: bytes
access-control-allow-origin: *
content-length: 173336
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 01gzycae207th3p2tzy7.vtt Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/ 9 KB
0 0ms
0ms XHR
text/vtt 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/01gzycae207th3p2tzy7.vtt
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 81d8d52425f6249efc8c51d5cc51cd890c7234279586fdf1d863a207fa71a598

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "a469c1fbe6636fdebef41e06f8e94163"
x-amz-version-id: MWvu5UgDr4tu2uGytK5J8YKiWYbKCCYI
age: 47543
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:33 GMT
last-modified: Tue, 09 May 2023 09:30:13 GMT
x-served-by: cache-bfi-krnt7300095-BFI, cache-per12627-PER
x-cache-hits: 71739, 0
content-type: text/vtt
x-amz-id-2: v1cvCPIKi4qs9M7GZCPk+JrRLmiYKWA0t4ic1sMabrAneN1WZ15tmsuz6Kg7mvPvbmuVMHMlByNO367DiCBmtg==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066113.029453,VS0,VE217
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: EPNX9KXHBSRQGGEP
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9572
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 image-Eo7R8rYFlTigpAa9.jpg
posts-cdn.kueez.net/sDzHSexkMOasgP8f/ 26 KB
26 KB 400ms
400ms Image
image/jpeg 2606:4700:10::6816:1795
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://posts-cdn.kueez.net/sDzHSexkMOasgP8f/image-Eo7R8rYFlTigpAa9.jpg
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1795 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2be38b9fe1aaae7195e99aee488fc23d8f8e3b4c0d908f078f71fa93510d43e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: max-age=2600000
cf-cache-status: MISS
etag: "8f2b1ee9f7e1f6cde00da803f730c363"
cf-ray: 8d368fca1dce8642-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 26308
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: image/jpeg
last-modified: Wed, 08 May 2024 10:30:24 GMT
vary: Accept-Encoding
server: cloudflare

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 1213ms
401ms Preflight
text/plain 74.118.186.106
TURN-US-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.itsblossom.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Wed, 16 Oct 2024 08:08:34 GMT

POST
H2 204 66ba2c78c2b11a2d14717b2b Show response
prebid.cootlogix.com/prebid/multi/ 0
880 B 755ms
753ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/66ba2c78c2b11a2d14717b2b
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
555 B 358ms
355ms Fetch
application/json 51.79.154.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 583 B
1 KB 265ms
264ms Fetch
application/json 103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

beae10c368103db61d240c8b0b44708deb4a1635fa2476eed0301552749f9ac5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
an-x-request-uuid: ff9a0c97-868e-4845-862e-1e3e6a413dda
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:33 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 1 KB
1 KB 314ms
313ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: 7fb087b79619f77994bd78fe964e578706eaaada1fed93343af20881644b8831

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 99ms
98ms Fetch
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 19b1ae1fb5193525ff3b5956b6c3fa580191db636dcca30b2d3d1f3d88092873

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: 0
access-control-allow-origin: https://news.itsblossom.com
content-length: 173
x-prebid: pbs-java/3.13.0
content-type: application/json
vary: origin

POST
H2 200 unruly_prebid Show response
targeting.unrulymedia.com/ 11 B
237 B 1487ms
834ms Fetch
application/json 74.118.186.106
TURN-US-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.106 Serangoon New Town, Singapore, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, max-age=0, no-cache, no-store
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
access-control-allow-origin: https://news.itsblossom.com
content-length: 11
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: application/json

POST
H2 204 6683c24e08540a6ddbc93b21 Show response
exchange.kueezrtb.com/prebid/multi/ 0
1 KB 586ms
582ms Fetch 206.81.3.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/6683c24e08540a6ddbc93b21
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.81.3.43 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 413 B
641 B 254ms
252ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

9e6992618e403c5fc4319e6bb48b1cfab5d5ac94bbaf80019479d5b129fef28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 276
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 514 B
731 B 263ms
259ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

4cb61370377e5d85901259a16fbca84f51f3ed9b7c5d7df89bbf1c7178f44dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 366
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 805 B
809 B 292ms
289ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

be7d046560a20df29485418ec014337b2a68c7cd5667724046b974fcdff58bac

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 444
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 492 B
679 B 272ms
269ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

93aaefa4ed28cf6069686ba7bdea46e90294135f50c3204157088fec1b0d57b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 314
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 413 B
648 B 181ms
178ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

6b3152747ca2f3156245d7a15c855f37566093279bf6efaeb7cc5ee200a6eebe

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 283
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 107ms
101ms Fetch 67.199.150.87
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:33 GMT
access-control-allow-credentials: true

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 403ms
134ms Preflight
application/json 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.itsblossom.com%2F&domain=news.itsblossom.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://news.itsblossom.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 16 Oct 2024 08:08:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 191339
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fnews.itsblossom.com%2F&domain=news.itsblossom.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=nlZryXxMVWVpS2NCOVR2ZGxXNXUxZHZ5OGF5U0JtdTJqaWFoYm1OVWhmRmdxMW9ZS0xaZEw0Z2xKUjB4TWRWT2UxeVczSUpmdnVhdUFmZzRFSldiRXpaMFVCa29sSWkzbTkramZ0YlE2bmpmOEkza0V0aGc2VGdvRmxmbE...

450 B
1 KB

288ms
100ms

Fetch
application/json

182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=nlZryXxMVWVpS2NCOVR2ZGxXNXUxZHZ5OGF5U0JtdTJqaWFoYm1OVWhmRmdxMW9ZS0xaZEw0Z2xKUjB4TWRWT2UxeVczSUpmdnVhdUFmZzRFSldiRXpaMFVCa29sSWkzbTkramZ0YlE2bmpmOEkza0V0aGc2VGdvRmxmbElMT2FWZExkUjFQKzFzVFBoUzdnNWg0V29WSUwrYU1IOHF1b1gyNG5wbUhaOUFqc1ZsTUNPYUdUaHA4dEtRamQ2SGpBckxwaVVkczdkZzFEa2tkVUR1dFRkRkhhK1J3a1p2cUxBQzZ4UWQ1Z1JZUStIUEJPZTRBRVNqQ2lEOUtkRzV1cThQa0x1Z2ozdmF2ZHNoSDdGczltcVA0V3VqS2g2cXlmNHZGYXdXM3RUd29HcmhOOVN1emtsV2g3bHZycVp6cSsrdmhXMzg2aTFta1EzRmFHRGQxM1QxcGQwRWc9PXw&cppv=2

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

a6d4b7e4b35b13e33c37e1234452dc1b33cc503d6727aa5b5b92bb7a6b8024d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1286929
expires: 0
access-control-allow-origin: null
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: Kestrel

Redirect headers

strict-transport-security: max-age=31536000; preload;
cache-control: no-cache, no-store, must-revalidate
location: https://mug.criteo.com/sid?cpp=nlZryXxMVWVpS2NCOVR2ZGxXNXUxZHZ5OGF5U0JtdTJqaWFoYm1OVWhmRmdxMW9ZS0xaZEw0Z2xKUjB4TWRWT2UxeVczSUpmdnVhdUFmZzRFSldiRXpaMFVCa29sSWkzbTkramZ0YlE2bmpmOEkza0V0aGc2VGdvRmxmbElMT2FWZExkUjFQKzFzVFBoUzdnNWg0V29WSUwrYU1IOHF1b1gyNG5wbUhaOUFqc1ZsTUNPYUdUaHA4dEtRamQ2SGpBckxwaVVkczdkZzFEa2tkVUR1dFRkRkhhK1J3a1p2cUxBQzZ4UWQ1Z1JZUStIUEJPZTRBRVNqQ2lEOUtkRzV1cThQa0x1Z2ozdmF2ZHNoSDdGczltcVA0V3VqS2g2cXlmNHZGYXdXM3RUd29HcmhOOVN1emtsV2g3bHZycVp6cSsrdmhXMzg2aTFta1EzRmFHRGQxM1QxcGQwRWc9PXw&cppv=2
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 421204
expires: 0
access-control-allow-origin: https://news.itsblossom.com
content-length: 0
date: Wed, 16 Oct 2024 08:08:33 GMT
server: Kestrel

POST
H2 200 prebid Show response
id5-sync.com/api/config/ 194 B
667 B 870ms
321ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

975f35efb14db97259358a976f0b6191a0c4498f2a36c6c86d2b2e592dc8ab59

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials: true

GET envelope
api.rlcdn.com/api/identity/ 0
0

GET
H2 200 pbhid Show response
id.hadron.ad.gt/api/v1/ 227 B
189 B 58ms
57ms Fetch
application/json 2606:4700:10::6816:545
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.hadron.ad.gt/api/v1/pbhid?partner_id=454&_it=prebid&t=1&src=id&domain=news.itsblossom.com
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f1cd49b331b609f6da4fd9acd4b03e15290f51df0782d8cd269293ed580d422

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

content-encoding: br
allow: POST, OPTIONS, GET
cf-ray: 8d368fca4e188ac7-PER
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:33 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sharethrough&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=

68 B
324 B

296ms
95ms

Image
image/png

54.169.228.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=5b286190338513af73f09c28&source_user_id=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=
content-length: 323
date: Wed, 16 Oct 2024 08:08:33 GMT
server: Kestrel

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/shr?gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCNmJVN09IdWtBQUJTNzl1SHVQZw&gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&b...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pm%2Cpp%2Csas%2Cshr&bee_sync_current_partner=adx&bee_sync_initiator=shr&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAB6bU7OHukAABS79uHuPg&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Csas%2Cshr&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?ev=AAB6bU7OHukAABS79uHuPg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cshr%26bee_sync_current_partner%3Dpp%...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cshr&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB6bU7OHukAABS79uHuPg&pid=558502&do=add&gdpr=0
https://rtb-csync.smartadserver.com/redir?partneruserid=AAB6bU7OHukAABS79uHuPg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dshr%26bee_sync_...
https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=shr&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=5626527542043584697&gdpr=0&gdpr_consent=
https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB6bU7OHukAABS79uHuPg&gdpr=0

68 B
323 B

95ms
95ms

Image
image/png

54.169.228.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB6bU7OHukAABS79uHuPg&gdpr=0

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://match.sharethrough.com/sync/v1?source_id=vyXkw8rSq3j4JmKvTgxR3x1c&source_user_id=AAB6bU7OHukAABS79uHuPg&gdpr=0
Content-Length: 0
Date: Wed, 16 Oct 2024 08:08:37 GMT
Server: gunicorn
Connection: keep-alive

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://onetag-sys.com/usync/?tag=img
https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=&user_id=
https://x.bidswitch.net/ul_cb/sync?ssp=onetag&gdpr=&gdpr_consent=&user_id=
https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=onetag&gdpr=&gdpr_consent=
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&&user_id=vUt8jbxIdNmmH3qJuEth2-keeYqmHX-N6kheZ8ef

43 B
103 B

178ms
178ms

Image
image/gif

35.213.7.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&&user_id=vUt8jbxIdNmmH3qJuEth2-keeYqmHX-N6kheZ8ef
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=86400
cache-control: private, no-store, proxy-revalidate
location: https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=onetag&&user_id=vUt8jbxIdNmmH3qJuEth2-keeYqmHX-N6kheZ8ef
content-length: 0
date: Wed, 16 Oct 2024 08:08:34 GMT

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://x.bidswitch.net/sync?ssp=sharethrough&user_id=00f043ca-a8c6-454f-b1b3-ba1fd54c4479&gdpr=0&gdpr_consent=&gdpr_pd=1&us_privacy=&expires=365
https://gw-iad-bid.ymmobi.com/adx/user/sync?pubid=eWg=&gdpr=0&gdpr_consent=&us_privacy=&bidswitch_ssp_id=sharethrough&bsw_custom_parameter=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&callback=https%3A%2F%...
https://x.bidswitch.net/sync?dsp_id=257&ssp=sharethrough&user_id=ym_user_d9ffee93-844b-4db6-ae1c-276ef2f9226c&bsw_param=0ff9aa47-d50f-4262-a58b-d5a3a194edbc

43 B
92 B

179ms
177ms

Image
image/gif

35.213.7.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=257&ssp=sharethrough&user_id=ym_user_d9ffee93-844b-4db6-ae1c-276ef2f9226c&bsw_param=0ff9aa47-d50f-4262-a58b-d5a3a194edbc
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/gif

Redirect headers

access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
access-control-allow-origin: *
location: https://x.bidswitch.net/sync?dsp_id=257&ssp=sharethrough&user_id=ym_user_d9ffee93-844b-4db6-ae1c-276ef2f9226c&bsw_param=0ff9aa47-d50f-4262-a58b-d5a3a194edbc
content-length: 0
date: Wed, 16 Oct 2024 08:08:36 GMT
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE

GET
H2

200

v1
match.sharethrough.com/sync/
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=sharethrough
https://sync.1rx.io/usersync2/rmpssp?sub=sharethrough&zcc=1&cb=1729066115867
https://ad.turn.com/r/cs?pid=45&id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004&rndcb=6441802959
https://sync.1rx.io/usersync/turn/8620976260898202130?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D175kELn9xvfXoe3C4qjRaWS8%26source_user_...
https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

68 B
323 B

96ms
96ms

Image
image/png

54.169.228.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

54.169.228.246 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-169-228-246.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
cache-control: no-cache
content-length: 68
content-type: image/png

Redirect headers

location: https://match.sharethrough.com/sync/v1?source_id=175kELn9xvfXoe3C4qjRaWS8&source_user_id=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Wed, 16 Oct 2024 08:08:39 GMT
etag: RXd8b0c28021784217a6f1b23d7e0a12c4004
content-type: text/html

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ 43 B
479 B 939ms
320ms Image
image/gif 98.82.157.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=sharethrough.com&id=00f043ca-a8c6-454f-b1b3-ba1fd54c4479

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

98.82.157.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-98-82-157-231.compute-1.amazonaws.com

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
x-amz-rid: 4GDGQC3EHNDTMNT9TTH9
Content-Length: 43
Date: Wed, 16 Oct 2024 08:08:36 GMT
Content-Type: image/gif
Vary: Content-Type,Accept-Encoding,User-Agent
Server: Server

POST
H2 204 collect
analytics.google.com/g/ 0
0 429ms
173ms Fetch
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-FVWZ0RM4DH&gtm=45je4ae0v9116367008za200&_p=1729066113333&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101686685~101823848&cid=422910039.1729066114&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&uid=AU1D-0100-001729066113-RW8U20VP-7TQL&sid=1729066113&sct=1&seg=0&dl=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&dt=Life%20Hacks%20to%20Tackle%20Those%20Everyday%20Irritations%20%7C%20ItsBlossom&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.dimension3=454&ep.dimension4=news.itsblossom.com&ep.dimension5=%2Fen%2FsDzHSexkMOasgP8f&ep.dimension7=eecbee50406043676dbae1e7ee42c39c&tfd=4173
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
547 B 503ms
168ms Ping
text/plain 2404:6800:4003:c0f::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FVWZ0RM4DH&cid=422910039.1729066114&gtm=45je4ae0v9116367008za200&aip=1&uid=AU1D-0100-001729066113-RW8U20VP-7TQL&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823848
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c0f::9b Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:38 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 4436 0
0 486ms
201ms Document
text/html 2404:6800:4006:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-FVWZ0RM4DH&gacid=422910039.1729066114&gtm=45je4ae0v9116367008za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101686685~101823848&z=1037383086

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FVWZ0RM4DH&l=audDataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 08:08:34 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.com.au/ads/ 42 B
63 B 426ms
235ms Image
image/gif 142.250.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FVWZ0RM4DH&cid=422910039.1729066114&gtm=45je4ae0v9116367008za200&aip=1&uid=AU1D-0100-001729066113-RW8U20VP-7TQL&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101686685~101823848&tag_exp=101686685~101823848&z=1939289151

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.67.3 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s16-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Wed, 16 Oct 2024 08:08:36 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

OPTIONS
H2 204 auction_end
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ Frame 0
0 236ms
234ms Preflight 54.213.2.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/auction_end
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.213.2.161 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-2-161.us-west-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,Authorization,X-Forwarded-For
access-control-allow-methods: POST
access-control-allow-origin: https://news.itsblossom.com
access-control-max-age: 86400
date: Wed, 16 Oct 2024 08:08:33 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 auction_end Show response
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 59 B
222 B 238ms
236ms Fetch
application/json 35.92.206.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/auction_end
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.92.206.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-92-206-26.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: c79893583afa9916d453aba170a250b2e2a5e93dd031de31892efe7c40ec4843

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
content-length: 59
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 01gzycae207th3p2tzy7_1080p.m3u8 Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 7 KB
7 KB 263ms
263ms XHR
application/vnd.apple.mpegurl 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_1080p.m3u8
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1994deb80166cd2236db3c24402cba820446f424dd8a45475777156d36e0e06d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "f26306758cfc672d818f5e5dd8e77824"
x-amz-version-id: IdMWIXl6OXD3qfkQBSjfSL3P.Pf2NN5l
age: 1285020
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:34 GMT
last-modified: Mon, 08 May 2023 19:21:29 GMT
x-served-by: cache-bfi-krnt7300054-BFI, cache-per12627-PER
x-cache-hits: 2195572, 0
content-type: application/vnd.apple.mpegurl
x-amz-id-2: MM+a8X/pPpgFrOe/z3A9dkdLUlNJOvLSfX+962wS2e7RCFL8tpaccfbS/9bj1BwsqJFqlarJgJY=
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066114.018216,VS0,VE216
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: VASMVFG6VSWZM8X1
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7022
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 join-ad-interest-groups.html
proton.ad.gt/ Frame B378 0
0 170ms
63ms Document
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proton.ad.gt/join-ad-interest-groups.html
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
ad-auction-allowed: true
age: 468
apigw-requestid: furxjjnJPHcEPPw=
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 8d368fce1b042d51-PER
content-encoding: br
content-type: text/html
date: Wed, 16 Oct 2024 08:08:34 GMT
last-modified: Wed, 16 Oct 2024 06:13:55 GMT
server: cloudflare
supports-loading-mode: fenced-frame
vary: Accept-Encoding

GET
H2 200 01gzycae207th3p2tzy7_1080p_00002.ts Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 1 MB
1 MB 303ms
303ms XHR
video/mp2t 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_1080p_00002.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe1fbc5fae71983a4cedfd56075e539c6988f0a9a90f4ae8c538b7246e22b80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "81094664e38525284cb792f610a20d07"
x-amz-version-id: yVaH4x0wAXQGAK.rtTlbovuU9fP0_R40
age: 1350741
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:34 GMT
last-modified: Mon, 08 May 2023 19:17:11 GMT
x-served-by: cache-bfi-krnt7300090-BFI, cache-per12627-PER
x-cache-hits: 2229216, 0
content-type: video/MP2T
x-amz-id-2: Y/7EaqCMlZoAqc/5G9831YF/+rC/dfj4Fu52AdV9yaxBqNN5eTpE2bJ5HMbZkVTXC5waGWCn+CE2EfjltjwdsA==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066114.285576,VS0,VE256
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: ZJP1XF596CNBG2VM
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1458880
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 event Show response
p.ad.gt/api/v1/ 0
34 B 325ms
324ms XHR
text/plain 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/454
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

cf-ray: 8d368fd09f7e7382-PER
access-control-allow-origin: https://news.itsblossom.com
cf-cache-status: DYNAMIC
date: Wed, 16 Oct 2024 08:08:34 GMT
vary: Origin
server: cloudflare
access-control-allow-credentials: true

OPTIONS
H2 200 event
p.ad.gt/api/v1/ Frame 0
0 328ms
328ms Preflight
text/html 2606:4700:10::ac43:17ea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/event
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://news.itsblossom.com
allow: POST, OPTIONS
cf-cache-status: DYNAMIC
cf-ray: 8d368fce8dbf7382-PER
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 16 Oct 2024 08:08:34 GMT
server: cloudflare
vary: Origin

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 285ms
94ms Preflight
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Wed, 16 Oct 2024 08:08:33 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 221255
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 56 B
301 B 329ms
325ms Fetch
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

bb930de795d1974fa4332a5b6349a845ab5240efa6e8fe7d730bae753e14e0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:34 GMT
content-type: application/json;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 / Show response
d0.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1010ms
320ms Fetch
text/plain 51.195.115.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d0.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.115.36 , France, ASN16276 (OVH, FR),
Reverse DNS: ip36.ip-51-195-115.eu
Software: /
Resource Hash: 4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1011ms
322ms Fetch
text/plain 135.125.146.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d1.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1011ms
322ms Fetch
text/plain 51.195.34.220
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.34.220 , Jordan, ASN16276 (OVH, FR),
Reverse DNS: ip220.ip-51-195-34.eu
Software: /
Resource Hash: 559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1013ms
324ms Fetch
text/plain 51.195.73.74
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d3.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.74 , France, ASN16276 (OVH, FR),
Reverse DNS: ip74.ip-51-195-73.eu
Software: /
Resource Hash: d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1010ms
321ms Fetch
text/plain 51.195.73.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d4.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.82 , France, ASN16276 (OVH, FR),
Reverse DNS: ip82.ip-51-195-73.eu
Software: /
Resource Hash: e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1013ms
325ms Fetch
text/plain 135.125.146.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d5.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.82 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip82.ip-135-125-146.eu
Software: /
Resource Hash: 2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1016ms
322ms Fetch
text/plain 51.195.126.30
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d6.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.126.30 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip30.ip-51-195-126.eu
Software: /
Resource Hash: 7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-3-id5-sync.com/ Frame 2FAA 1 B
143 B 1008ms
321ms Fetch
text/plain 51.195.73.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d7.eu-3-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d0.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 1018ms
325ms Fetch
text/plain 135.125.140.162
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d0.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.140.162 , France, ASN16276 (OVH, FR),
Reverse DNS: ip162.ip-135-125-140.eu
Software: /
Resource Hash: 3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d1.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 1017ms
324ms Fetch
text/plain 51.195.73.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d1.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d2.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 1011ms
325ms Fetch
text/plain 135.125.146.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d2.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.82 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip82.ip-135-125-146.eu
Software: /
Resource Hash: 2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d3.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 1017ms
324ms Fetch
text/plain 51.195.127.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d3.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.127.100 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-51-195-127.eu
Software: /
Resource Hash: f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d4.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 994ms
322ms Fetch
text/plain 51.195.73.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d4.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d5.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 984ms
321ms Fetch
text/plain 135.125.146.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d5.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 135.125.146.80 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-135-125-146.eu
Software: /
Resource Hash: df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d6.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 1017ms
326ms Fetch
text/plain 51.195.73.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d6.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 / Show response
d7.eu-4-id5-sync.com/ Frame 2FAA 1 B
143 B 1014ms
323ms Fetch
text/plain 51.195.73.113
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://d7.eu-4-id5-sync.com/
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.195.73.113 , France, ASN16276 (OVH, FR),
Reverse DNS: ip113.ip-51-195-73.eu
Software: /
Resource Hash: a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-headers: *
access-control-max-age: 3600
access-control-allow-origin: *
content-length: 1
content-type: text/plain
access-control-allow-methods: GET, OPTIONS

GET
H2 200 01gzycae207th3p2tzy7_1080p_00003.ts Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 818 KB
818 KB 343ms
342ms XHR
video/mp2t 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_1080p_00003.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a94f54b93473d123214c8abe137ad629318332fe1841b6d5f8dc4cd5b62b4667

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "d49eb9d70d375d39a2558b9a7a28d684"
x-amz-version-id: ZVW.ytkeOwMzjKSJsr3tV6DtFtDiJ4pA
age: 1858161
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:35 GMT
last-modified: Mon, 08 May 2023 19:17:12 GMT
x-served-by: cache-bfi-kbfi7400073-BFI, cache-per12627-PER
x-cache-hits: 2911588, 0
content-type: video/MP2T
x-amz-id-2: Jc7J7mEpeWWSoPhGd9DdktVp7eu7oTzCp4WLwcBgSHUrXo2Vx2Jd4xKDKqKCBWXD4L8e0DpkV+GbRR1Psw3IaA==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066115.840009,VS0,VE284
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: KBQARHH9V29D2SBW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 837352
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 229.json Show response
id5-sync.com/g/v2/ 632 B
1 KB 326ms
325ms Fetch
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/229.json

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

d8594d5438fe8d3f637d44380d686dd4ef99003577feb9bea9c23007edfac537

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 08:08:35 GMT
content-type: application/json
vary: Origin

POST
H2 200 01jaa5y5y97rtgk9sbswv6agp1 Show response
rtb.voltaxam.com/videos/ 134 B
696 B 726ms
708ms Fetch
application/json 2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8fe73f4cb70999c58343d9b12bfab837820976ac9cebf4e4c4c87e06323cf1ed

Request headers

mmtarget: production-ssp
Referer: https://news.itsblossom.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-methods: PUT, POST, DELETE, PATCH
x-cache: Miss from cloudfront
x-amz-cf-id: h6-DicxwddlegJ_uogeYZZhFb4tw6tXCiJPIcoFbM71cUELRFJ7uzw==
date: Wed, 16 Oct 2024 08:08:35 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
cache-control: private,no-store
access-control-allow-credentials: true
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
content-length: 139
x-amz-cf-pop: SYD62-P1

GET
H2 200 01gzycae207th3p2tzy7_1080p_00004.ts Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 1 MB
1 MB 318ms
317ms XHR
video/mp2t 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_1080p_00004.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 553f5903dbca817268e45c6da63d3155439602ccef3df1e55f974df718492d64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "09bcd66b0a1028649bf0d7a7b2e50283"
x-amz-version-id: esinokXHpYjjrb4W2WzbSOQWBq7xHLGq
age: 1288070
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:35 GMT
last-modified: Mon, 08 May 2023 19:17:14 GMT
x-served-by: cache-bfi-krnt7300030-BFI, cache-per12627-PER
x-cache-hits: 2115547, 0
content-type: video/MP2T
x-amz-id-2: Sp76Yn9LhwjMScYqg+ye09GGxZt4HFnPdaXYdgxpn/WcO/9t6IrI6h7scUcuXyPQJY9CwbtpWjiG0xxXV5kLQQ==
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066115.316121,VS0,VE270
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: CANGGWQH9KHHTHT4
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1071412
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 v3 Show response
id5-sync.com/gm/ Frame 2FAA 700 B
1 KB 323ms
322ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/gm/v3

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

fe580af08cd7c199b090d56f6147921371d3696127bfac4d66a4a48e6b65041e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="CAO PSA OUR"
date: Wed, 16 Oct 2024 08:08:35 GMT
content-type: application/json
vary: Origin

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://match.sharethrough.com/universal/v1?supply_id=v5hJK9Sl&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e8af3322-a148-4344-97c0-e3f692d131e3&gdpr=0

43 B
426 B

539ms
98ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e8af3322-a148-4344-97c0-e3f692d131e3&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:35 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
location: https://rtb-csync.smartadserver.com/redir/?partnerid=147&partneruserid=e8af3322-a148-4344-97c0-e3f692d131e3&gdpr=0
content-length: 0

GET
H2 204 ImgSync
image8.pubmatic.com/AdServer/ 0
164 B 97ms
95ms Image
text/plain 67.199.150.82
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=164363
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.82 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

date: Tue, 15 Oct 2024 22:17:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
x.bidswitch.net/
Redirect Chain

https://onetag-sys.com/usync/?tag=img
https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=&user_id=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=onetag
https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=onetag
https://x.bidswitch.net/sync?dsp_id=70&user_id=3750431231219133343&ssp=onetag

43 B
92 B

180ms
177ms

Image
image/gif

35.213.7.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=70&user_id=3750431231219133343&ssp=onetag
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://x.bidswitch.net/sync?dsp_id=70&user_id=3750431231219133343&ssp=onetag
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Oct 2024 08:08:37 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/
Redirect Chain

https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?referrer=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&rd=1
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fgdpr%3D0%26euconsent%3D%26uid%3D$UID
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=JgUoABZHn8BW5yWCRZSYn8WU

95 B
368 B

263ms
263ms

Image
image/png

148.251.40.153
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=JgUoABZHn8BW5yWCRZSYn8WU
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 148.251.40.153 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.153.40.251.148.clients.your-server.de
Software: nginx / PHP/8.1.30
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/png
x-powered-by: PHP/8.1.30
server: nginx

Redirect headers

location: https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?gdpr=0&euconsent=&uid=JgUoABZHn8BW5yWCRZSYn8WU
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Oct 2024 08:08:37 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2

200

user
sync.cootlogix.com/api/
Redirect Chain

https://sync.cootlogix.com/api/sync/image/?cid=&gdpr=0&gdpr_consent=&us_privacy=
https://match.sharethrough.com/universal/v1?supply_id=TAEWcTBw&gdpr=0&gdpr_consent=
https://sync.cootlogix.com/api/cookie?partnerId=sharthrough&userId=e8af3322-a148-4344-97c0-e3f692d131e3&gdpr=0
https://cs.media.net/cksync?cs=30&type=vdz&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.cootlogix.com%2Fapi%2Fuser%3FpartnerId%3Dmedianet%26userId%3D%3Cvsid%3E%26gdpr%3D0%26gdpr_con...
https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3720677159035665000V10&gdpr=0&gdpr_consent=&us_privacy=

0
431 B

316ms
315ms

Image
text/plain

146.190.215.179
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3720677159035665000V10&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 146.190.215.179 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
content-length: 0
date: Wed, 16 Oct 2024 08:08:37 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Location: https://sync.cootlogix.com/api/user?partnerId=medianet&userId=3720677159035665000V10&gdpr=0&gdpr_consent=&us_privacy=
Pragma: no-cache
Connection: keep-alive
Expires: Wed, 16 Oct 2024 08:08:37 GMT
x-mnet-hl2: E
Content-Length: 154
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Date: Wed, 16 Oct 2024 08:08:37 GMT
Content-Type: text/html
Server: Apache

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://equativ-match.dotomi.com/match/bounce/current?networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent=
https://equativ-match.dotomi.com/match/bounce/current?DotomiTest=234434ab7e5621ea&is_secure=true&networkId=9252325&version=1&nuid=SMART_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAK1Gw5dt35uAJUEOLUAQEBAQEBAQCTlV4mtgEBAJOVXia2&expiration=1729152517&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&...

43 B
479 B

97ms
97ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAK1Gw5dt35uAJUEOLUAQEBAQEBAQCTlV4mtgEBAJOVXia2&expiration=1729152517&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:37 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

expires: 0
cache-control: no-cache, private, max-age=0, no-store
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=155&partneruserid=AQAK1Gw5dt35uAJUEOLUAQEBAQEBAQCTlV4mtgEBAJOVXia2&expiration=1729152517&nuid=SMART_USER_ID&is_secure=true&gdpr_consent=&gdpr=0
content-length: 0
date: Wed, 16 Oct 2024 08:08:37 GMT
pragma: no-cache
server: nginx

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8077868095493991453&gdpr=0&gdpr_consent=

43 B
449 B

130ms
96ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8077868095493991453&gdpr=0&gdpr_consent=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:36 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8077868095493991453&gdpr=0&gdpr_consent=
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-methods: GET
expires: -1
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Oct 2024 08:08:37 GMT
server: nginx
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=fmx&us_privacy=&gdpr=&gdpr_consent=&gpp_sid=
https://inv-nets.admixer.net/adxcm.aspx?ssp=D41B0D84-4DB7-4D9C-81CC-3A497DB5D0A6&gdpr=&consent=&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D354%26user_id%3D%24%24visitor_cookie%24%24%26ssp%3Dfmx%2...
https://x.bidswitch.net/sync?dsp_id=354&user_id=1ef4a92e8d8f4b209c524f7edc6a232f&ssp=fmx&bsw_param=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&gdpr=&consent=&gdpr_pd=&expires=7
https://ce.lijit.com/merge?pid=26&3pid=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&gdpr=&gdpr_consent=&us_privacy=

43 B
730 B

716ms
245ms

Image
image/gif

44.229.114.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=26&3pid=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 44.229.114.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-114-113.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: image/gif
vary: Accept-Encoding

Redirect headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
location: //ce.lijit.com/merge?pid=26&3pid=0ff9aa47-d50f-4262-a58b-d5a3a194edbc&gdpr=&gdpr_consent=&us_privacy=
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:36 GMT

GET
H2

200

gjIEMT18
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=...

85 B
171 B

48ms
48ms

Image
image/png

151.101.130.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zw90hAAJTtnrHAA3
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 151.101.130.49 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

x-robots-tag: noindex
cache-control: no-cache
x-timer: S1729066116.455455,VS0,VE0
age: 2275
pragma: no-cache
via: 1.1 varnish
accept-ranges: bytes
x-cache: HIT
content-length: 85
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: image/png
x-served-by: cache-per12620-PER
server: Jetty(9.4.35.v20201120)
x-cache-hits: 5188

Redirect headers

x-robots-tag: noindex
cache-control: no-cache
location: https://sync-tm.everesttech.net/ct/upi/pid/gjIEMT18?redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D94%26partneruserid%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Zw90hAAJTtnrHAA3
x-timer: S1729066116.148957,VS0,VE259
pragma: no-cache
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
content-length: 0
date: Wed, 16 Oct 2024 08:08:36 GMT
x-served-by: cache-per12620-PER
server: Jetty(9.4.35.v20201120)
x-cache-hits: 0

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=sovrn&gdpr=&gdpr_consent=&gpp_sid=
https://ce.lijit.com/merge?pid=80&3pid=M2BLBIAL-A-9ZFL

43 B
860 B

240ms
239ms

Image
image/gif

44.229.114.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=80&3pid=M2BLBIAL-A-9ZFL
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 44.229.114.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-114-113.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/gif
vary: Accept-Encoding

Redirect headers

Cache-Control: no-cache,no-store,must-revalidate
Location: https://ce.lijit.com/merge?pid=80&3pid=M2BLBIAL-A-9ZFL
Pragma: no-cache
Expires: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: e1bddfc34a927e97bda010c0d8a62b62
content-length: 0
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ap.lijit.com/dsp/google/cookiematch/dv?gdpr=&gdpr_consent=&gpp_sid=
https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SmdVb0FCWkhuOEJXNXlXQ1JaU1luOFdV

170 B
188 B

196ms
196ms

Image
image/png

172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SmdVb0FCWkhuOEJXNXlXQ1JaU1luOFdV

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Wed, 16 Oct 2024 08:08:36 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=lijit_dbm&google_hm=SmdVb0FCWkhuOEJXNXlXQ1JaU1luOFdV
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, DELETE, PUT
access-control-allow-origin: *
content-length: 0
date: Wed, 16 Oct 2024 08:08:35 GMT
vary: Accept-Encoding
access-control-allow-headers: X-Requested-With, Content-Type

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=&gpp=&gpp_sid=
https://eb2.3lift.com/xuid?mid=3658&xuid=d001ba32-7b2e-44c7-9ae9-462456187448&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
474 B

180ms
180ms

Image
image/gif

52.223.2.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=d001ba32-7b2e-44c7-9ae9-462456187448&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: image/gif

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=d001ba32-7b2e-44c7-9ae9-462456187448&dongle=0cfd&gdpr=0&gdpr_consent=
content-length: 251
date: Wed, 16 Oct 2024 08:08:35 GMT
server: Kestrel

GET
H2

200

cookie
sync.kueezrtb.com/api/
Redirect Chain

https://sync.kueezrtb.com/api/sync/image/?cid=&gdpr=0&gdpr_consent=&us_privacy=
https://ads.yieldmo.com/pbsync?is=kueez&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-yieldmo%26gdpr%3D0%26gdpr_consent%3D%26us_pri...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-yieldmo&userId=VeyIvMM6r5MpMECoCAq9&gdpr=0&gdpr_consent=&us_privacy=
https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-xandr%26userId%3D%24UID%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D&gdpr=0&gdpr_consent=
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-xandr&userId=1470867526730679273&gdpr=0&gdpr_consent=&us_privacy=&gdpr=0&gdpr_consent=
https://cs.media.net/cksync?cs=45&type=ku&gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-medinet%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26use...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-medinet&gdpr=0&gdpr_consent=&us_privacy=&userId==3720677159035665000V10
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-sovrn%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26userId%3D%24UID
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-sovrn&gdpr=0&gdpr_consent=&us_privacy=&userId=JgUoABZHn8BW5yWCRZSYn8WU
https://u.openx.net/w/1.0/cm?id=99b0e635-e719-4648-8bd7-0fd339d4e2e5&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-openx%26gdpr%3D0%26gdpr_co...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-openx&gdpr=0&gdpr_consent=&us_privacy=&userId=b2ba9a07-87fa-42f8-8710-6d091a88fca9
https://sync.1rx.io/usersync2/rmpssp?sub=kueez&us_privacy=&gdpr=0&gdpr_consent=
https://sync.targeting.unrulymedia.com/csync/RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004?redir=https%3A%2F%2Fsync.kueezrtb.com%2Fapi%2Fcookie%3FpartnerId%3Dkueez-r1%26userId%3DRX-d8b0c280-2178-4217...
https://sync.kueezrtb.com/api/cookie?partnerId=kueez-r1&userId=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004

43 B
495 B

322ms
322ms

Image
image/avif

67.205.171.186
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-r1&userId=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 67.205.171.186 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS, POST
access-control-allow-origin: *
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
content-length: 43
date: Wed, 16 Oct 2024 08:08:41 GMT
content-type: image/avif
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

Redirect headers

location: https://sync.kueezrtb.com/api/cookie?partnerId=kueez-r1&userId=RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Wed, 16 Oct 2024 08:08:40 GMT
etag: RXd8b0c28021784217a6f1b23d7e0a12c4004
content-type: text/html

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://firstmedia2-d.openx.net/w/1.0/pd
https://ad.turn.com/r/cs?pid=9&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2351121154668339730&gdpr=0&gdpr_consent=&us_privacy=

43 B
163 B

183ms
182ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2351121154668339730&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
location: https://us-u.openx.net/w/1.0/sd?id=537073061&val=2351121154668339730&gdpr=0&gdpr_consent=&us_privacy=
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
content-length: 0
pragma: no-cache
date: Wed, 16 Oct 2024 08:08:36 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/sas?gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir?partneruserid=AAB6bU7OHukAABS79uHuPg&partnerid=127&gdpr=0

43 B
476 B

96ms
96ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partneruserid=AAB6bU7OHukAABS79uHuPg&partnerid=127&gdpr=0
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:36 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

strict-transport-security: max-age=2592000; includeSubDomains
location: https://rtb-csync.smartadserver.com/redir?partneruserid=AAB6bU7OHukAABS79uHuPg&partnerid=127&gdpr=0
Content-Length: 0
Date: Wed, 16 Oct 2024 08:08:37 GMT
Server: gunicorn
Connection: keep-alive

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=&gdpr_consent=&gpp_sid=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=&gdpr_consent=&gpp_sid=
https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D0b932f...
https://ce.lijit.com/merge?pid=16&3pid=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&gdpr=0&gdpr_consent=

43 B
1016 B

246ms
245ms

Image
image/gif

44.229.114.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=16&3pid=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&gdpr=0&gdpr_consent=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 44.229.114.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-114-113.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:38 GMT
content-type: image/gif
vary: Accept-Encoding

Redirect headers

strict-transport-security: max-age=31536000
location: https://ce.lijit.com/merge?pid=16&3pid=0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553&gdpr=0&gdpr_consent=
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Wed, 16 Oct 2024 08:08:38 GMT
server: Jetty(11.0.13)

GET
H2

200

merge
ce.lijit.com/
Redirect Chain

https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=&gdpr_consent=&gpp_sid=
https://ce.lijit.com/merge?pid=27&3pid=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=

43 B
873 B

249ms
248ms

Image
image/gif

44.229.114.113
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=27&3pid=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 44.229.114.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-229-114-113.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
pragma: no-cache
expires: Fri, 20 Mar 2009 00:00:00 GMT
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/gif
vary: Accept-Encoding

Redirect headers

location: https://ce.lijit.com/merge?pid=27&3pid=d001ba32-7b2e-44c7-9ae9-462456187448&gdpr=0&gdpr_consent=
content-length: 223
date: Wed, 16 Oct 2024 08:08:37 GMT
server: Kestrel

GET
H2

200

match
ssp.disqus.com/
Redirect Chain

https://ssp.disqus.com/sync?type=image
https://eexsync.com/ztgl358.gif?gdpr=0&gdpr_consent=&us_privacy=&coppa=&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D38%26buyeruid%3D%7B%24PARTNER_UID%7D%26r%3D
https://ssp.disqus.com/match?bidder=38&buyeruid=8711915e96cfa3da18d33475042af97770f437b16b9216853b9b7c4d9e01bf0a&r=

0
78 B

310ms
310ms

Image
text/plain

3.218.235.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.disqus.com/match?bidder=38&buyeruid=8711915e96cfa3da18d33475042af97770f437b16b9216853b9b7c4d9e01bf0a&r=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Server: 3.218.235.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-218-235-254.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

expires: 0
cache-control: no-store
content-length: 0
date: Wed, 16 Oct 2024 08:08:37 GMT
pragma: no-cache

Redirect headers

Transfer-Encoding: chunked
Cache-Control: no-cache, no-store, must-revalidate
Location: https://ssp.disqus.com/match?bidder=38&buyeruid=8711915e96cfa3da18d33475042af97770f437b16b9216853b9b7c4d9e01bf0a&r=
Pragma: no-cache
Connection: keep-alive
Expires: 0
Keep-Alive: timeout=1
Date: Wed, 16 Oct 2024 08:08:36 GMT

GET
H2 200 sync
x.bidswitch.net/ 43 B
92 B 179ms
178ms Image
image/gif 35.213.7.90
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=themediagrid
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.7.90 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 90.7.213.35.bc.googleusercontent.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

via: 1.1 google
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
date: Wed, 16 Oct 2024 08:08:35 GMT
content-type: image/gif

GET
H2 200 13815 Show response
check.analytics.rlcdn.com/check/ 25 B
383 B 547ms
351ms Fetch
application/json 13.35.147.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/13815
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-147-54.syd1.r.cloudfront.net
Software: /
Resource Hash: 8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-amz-apigw-id: fu8ksE-_DoEEjiw=
x-amzn-trace-id: Root=1-670f7484-4bfc94d629440a0f0202ce2b
x-amzn-requestid: 5b16b871-8883-4d5c-9166-e9983bada37f
via: 1.1 cab8093de9e922f6aac9f66e51afc0cc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 25
x-amz-cf-id: 6baIxgZIWShDz34Nv2s5zmxIKQSp9wW5_dt31IiZdkr1Bzup6DMcQA==
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: application/json
x-amz-cf-pop: SYD1-C1

GET

input
cookie-matching.mediarithmics.com/ Frame 2FAA
Redirect Chain

https://id5-sync.com/i/1064/8.gif?o=api&id5id=ID5*cUiQI4LzurHiDh-CIlHGiHY3I2ErldRM_qTMONvbRH3PIkdmVeilfO6knpRy0vUE&gdpr_consent=undefined&gdpr=false
https://c1.adform.net/serving/cookie/match?party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F10%2F7%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://c1.adform.net/serving/cookie/match?CC=1&party=1135&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F10%2F7%2F2.gif%3Fpuid%3D%5Badformuid%5D%26gdpr%3D0%26gdpr_consent%3D&gdpr_consent=&gdpr=0
https://id5-sync.com/c/1064/10/7/2.gif?puid=3706714843346917126&gdpr=0&gdpr_consent=
https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F108%2F6%2F3.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_co...
https://id5-sync.com/c/1064/108/6/3.gif?puid=198cd94c-4256-4cca-a638-2ca68b26c2d0&gdpr=0&gdpr_consent=
https://ib.adnxs.com/getuid?https://id5-sync.com/c/1064/2/5/4.gif?puid=$UID&gdpr=0&gdpr_consent=
https://id5-sync.com/c/1064/2/5/4.gif?puid=1470867526730679273&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=8h9u11h&ttd_tpi=1&gdpr=0&gdpr_consent=
https://id5-sync.com/k/264.gif?puid=d001ba32-7b2e-44c7-9ae9-462456187448&ttl=%%TTL%%
https://uipglob.semasio.net/id5/1/get?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://uipglob.semasio.net/id5/1/get2?gdpr=0&gdpr_consent=&_url=https%3A%2F%2Fid5-sync.com%2Fc%2F1064%2F112%2F3%2F6.gif%3Fpuid%3D%24%7BUIPID%7D%26gdpr%3D0%26gdpr_consent%3D
https://id5-sync.com/c/1064/112/3/6.gif?puid=AB1F720463211B4C&gdpr=0&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm
https://cookie-matching.mediarithmics.com/v1/get_or_create?gdpr_consent=&gdpr=0&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_ID&op...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEIbJm3CwF87lt-dSgqcPf3o&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0Rv...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1470867526730679273&opid=apx&ops=&utidl=tech:goo:CAESEIbJm3CwF87lt-dSgqcPf3o&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0a...

0
0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=160&partneruserid=1&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3...
https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=NTYyNjUyNzU0MjA0MzU4NDY5Nw==&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPH7ZWbk5gXX3bvWmGb-N1M&gdpr=0&gdpr_consent=&google_cver=1

43 B
507 B

94ms
94ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPH7ZWbk5gXX3bvWmGb-N1M&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:37 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

cache-control: no-cache, must-revalidate
location: https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPH7ZWbk5gXX3bvWmGb-N1M&gdpr=0&gdpr_consent=&google_cver=1
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 345
date: Wed, 16 Oct 2024 08:08:37 GMT
x-xss-protection: 0
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://eu-u.openx.net/w/1.0/cm?id=a547219b-814b-4e3e-8a4f-35c044fa1891&ph=ec81d0b7-c42e-4a42-b97a-9305af647d30&r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D100%2...
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=8e4d5da9-e1a8-4a8e-8688-571a67a606dd&gdpr=0&gdpr_consent=

43 B
517 B

96ms
95ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=8e4d5da9-e1a8-4a8e-8688-571a67a606dd&gdpr=0&gdpr_consent=
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:36 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=100&partneruserid=8e4d5da9-e1a8-4a8e-8688-571a67a606dd&gdpr=0&gdpr_consent=
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: image/gif
vary: Accept, Accept-Encoding
server: OXGW/0.0.0

GET
H/1.1

200
OK

/
rtb-csync.smartadserver.com/redir/
Redirect Chain

https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=9ae32fa093

43 B
532 B

97ms
96ms

Image
image/gif

23.106.127.170
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=9ae32fa093
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: HTTP/1.1
Server: 23.106.127.170 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 LEASEWEB SINGAPORE PTE. LTD., SG),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:37 GMT
pragma: no-cache
content-type: image/gif

Redirect headers

cache-control: no-cache, must-revalidate
location: https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=9ae32fa093
age: 3
via: 1.1 00625c2aa02f6876cd9570486ac98924.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 0
x-amz-cf-id: A8x95-B2qK5X-U7Bd6nkMhJDnpQYDhL1bF2uTJ8Oe40kw-faTFAR4g==
date: Wed, 16 Oct 2024 08:08:34 GMT
x-amz-cf-pop: SYD3-P2
server: CloudFront

POST
H2 200 auction_end Show response
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 60 B
223 B 237ms
236ms Fetch
application/json 35.92.206.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/auction_end
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.92.206.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-92-206-26.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7f03517e09c6abad4ce9968ecdae4906b9b918ecce3bfcd382274ea4f858d51d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
content-length: 60
date: Wed, 16 Oct 2024 08:08:36 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-credentials: true

POST
H2 200 01jaa5y5y97rtgk9sbswv6agp1 Show response
rtb.voltaxam.com/videos/ 134 B
696 B 381ms
379ms Fetch
application/json 2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8fe73f4cb70999c58343d9b12bfab837820976ac9cebf4e4c4c87e06323cf1ed

Request headers

mmtarget: production-ssp
Referer: https://news.itsblossom.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-methods: PUT, POST, DELETE, PATCH
x-cache: Miss from cloudfront
x-amz-cf-id: AYoIhV058GNyfBXq_ihSis490DGCutm3h3vkOG9mtWffWeU5mdpbDQ==
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
cache-control: private,no-store
access-control-allow-credentials: true
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
content-length: 139
x-amz-cf-pop: SYD62-P1

POST
H2 200 ads Show response
selector.voltaxam.com/ 126 B
619 B 266ms
265ms Fetch
application/json 108.158.20.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-100.syd62.r.cloudfront.net
Software: /
Resource Hash: 4bd0dc07fd8484c9cb6b0aa330cfe35bda22799520f74065c7a3f355e72f0baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 136
x-amz-cf-id: _ogi-VSd9YpSFshGByxYYibSLkEzqEKMxU0_zqCxf0DBtzKdCHTimA==
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P3
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 2FAA 482 B
681 B 272ms
271ms XHR
text/javascript 108.158.35.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&pid=jKrkXhukY4E3a&cb=1&ws=0x8&v=24.827.1552&t=5000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22MinuteMediaOutStream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22704x396%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21kueez.com%2Cbd44ade20c8ba1fefca57b320f325495%2C1%2C%2C%2C&sm=9a10bce2-6081-488f-824c-9624546cb978&pubid=95550f43-0974-4ce7-9e2c-9558931ffc50&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22id5%22%3A%22ID5*cUiQI4LzurHiDh-CIlHGiHY3I2ErldRM_qTMONvbRH3PIkdmVeilfO6knpRy0vUE%22%2C%22lotame%22%3A%2227cd7948efeefbb4d88273a8adf2185ca02cd1bb9594d3af7a4ca806f838fa28%22%2C%22pubcommon%22%3A%22295cd97a-293b-4644-9a45-56631a227001%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-35-170.syd3.r.cloudfront.net
Software: Server /
Resource Hash: 33e0190de1f0361dba4defb01f1b0678957d175c919bd95cc766d94e1a9b52b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
x-cache: Miss from cloudfront
content-length: 347
x-amz-cf-id: sFlkHtF0MbhAyWmlPKEBeb9wMWXdi3UJydZbInig0J1f9iblFfOkYg==
date: Wed, 16 Oct 2024 08:08:37 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: SYD3-P2
server: Server

GET
H2 200 %7B%22_type%22%3A%22libLatency%22%2C%22pid%22%3A%22jKrkXhukY4E3a%22%2C%22ns%22%3A1729066112590%2C%22tcc%22%3A98%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%22600%22%2C%22pubid%22%3A%2295550f43-0974-...
aax.amazon-adsystem.com/x/px/p/PH/ Frame 2FAA 43 B
329 B 465ms
465ms Image
image/gif 108.158.35.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_type%22%3A%22libLatency%22%2C%22pid%22%3A%22jKrkXhukY4E3a%22%2C%22ns%22%3A1729066112590%2C%22tcc%22%3A98%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%22600%22%2C%22pubid%22%3A%2295550f43-0974-4ce7-9e2c-9558931ffc50%22%2C%22lv%22%3A%2224.827.1552%22%7D
Requested by: Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-35-170.syd3.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Gl7MAGGL1PpwL8LfG9o1uy2nVCMQJkhW7hi-gOO2IdLS71Wpx8XcSQ==
date: Wed, 16 Oct 2024 08:08:38 GMT
content-type: image/gif
x-amz-cf-pop: SYD3-P2
server: Server

GET
H2 200 01gzycae207th3p2tzy7_1080p_00005.ts Show response
vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/ 1 MB
1 MB 367ms
367ms XHR
video/mp2t 2a04:4e42:4f::820
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vms-videos.minutemediaservices.com/01gzycae207th3p2tzy7/m3u8/01gzycae207th3p2tzy7_1080p_00005.ts
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:4f::820 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e71d427c04395d529f05b1c72f400e403a6d8fef389f272ddaebc3c60598ca2b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

access-control-expose-headers: *
etag: "fff5db8b543272357396280c7509a752"
x-amz-version-id: Rx4hZYZ1AHKYMLvi3GwiHCqLRaXwdokb
age: 2542510
access-control-allow-methods: POST,GET,OPTIONS
x-cache: HIT, MISS
date: Wed, 16 Oct 2024 08:08:39 GMT
last-modified: Mon, 08 May 2023 19:17:16 GMT
x-served-by: cache-bfi-krnt7300104-BFI, cache-per12627-PER
x-cache-hits: 4640282, 0
content-type: video/MP2T
x-amz-id-2: yfY4unZwcBJnXASzfmYRRG7JFC3WhQD40UeQXqAOjMjTfKqjvfB8BA4QH6bvXylNutJ3CX7uiF4=
access-control-allow-headers: *
vary: Origin
x-amz-replication-status: COMPLETED
cache-control: private, max-age=86400
x-timer: S1729066119.102368,VS0,VE319
via: 1.1 varnish, 1.1 varnish
x-amz-request-id: 1AQ4832X6MDBA4WW
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1358488
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 01jaa5y5y97rtgk9sbswv6agp1 Show response
rtb.voltaxam.com/videos/ 134 B
698 B 367ms
365ms Fetch
application/json 2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8fe73f4cb70999c58343d9b12bfab837820976ac9cebf4e4c4c87e06323cf1ed

Request headers

mmtarget: production-ssp
Referer: https://news.itsblossom.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-methods: PUT, POST, DELETE, PATCH
x-cache: Miss from cloudfront
x-amz-cf-id: hRrZyDNzTVUWClMwmfW-tYtxji6oTSdRG3-UXOA3E5DLFX6mfkIZ6A==
date: Wed, 16 Oct 2024 08:08:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
cache-control: private,no-store
access-control-allow-credentials: true
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
content-length: 139
x-amz-cf-pop: SYD62-P1

OPTIONS
H2 200 01jaa5y5y97rtgk9sbswv6agp1
rtb.voltaxam.com/videos/ Frame 0
0 265ms
265ms Preflight
application/json 2600:9000:2212:c200:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:c200:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: mmtarget
Access-Control-Request-Method: POST
Origin: https://news.itsblossom.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
access-control-allow-methods: PUT, POST, DELETE, PATCH
access-control-allow-origin: https://news.itsblossom.com
content-length: 122
content-type: application/json; charset=utf-8
date: Wed, 16 Oct 2024 08:08:39 GMT
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
x-amz-cf-id: wAVHQaP4LIHFHQK8I9ml4KmM-QiOwBgqwpQRzrC4v_N_gJQ3hhqwBA==
x-amz-cf-pop: SYD62-P1
x-cache: Miss from cloudfront

POST
H2 204 /
events3.bqstreamer.com/ 0
289 B 340ms
339ms Ping
text/plain 2606:4700:20::681a:367
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://events3.bqstreamer.com/
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:367 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hO1XJ9iOdvh8Rf2wiMIXpnc5%2FW%2BeIX3WnsivqFrnSB6NljmetXHK07VNBX1Wx%2BI3V4wfnwxY%2BJRNoZSPPevbogySFn7EOtMBrt74ek1iS4o6da7vXKbbwG9x5I93oIP4j06W7ttN7RcpH9M9TtgBnAJ3AaE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d368ff5cd9587b5-PER
access-control-allow-origin: *
date: Wed, 16 Oct 2024 08:08:40 GMT
content-type: text/plain
vary: Accept-Encoding
server: cloudflare

POST
H2 204 csi
csi.gstatic.com/ 0
532 B 1119ms
392ms Ping
image/gif 2607:f8b0:4012:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~m2blbjsi&c=4133105877736&slotId=2066552938868&eee=missing-element&bi=missing-id
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

GET
H2 206 mp4_450Kbs_15fps_48khz_96Kbs_360p.mp4
m.media-amazon.com/images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/ 32 KB
0 279ms
94ms Media
video/mp4 2600:1415:9c00:6::1728:3475
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://m.media-amazon.com/images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/mp4_450Kbs_15fps_48khz_96Kbs_360p.mp4?c=586015978725917109&a=589042597024683814&d=30.133333&br=449&w=854&h=480&ct=1014%2C1020%2C1023&ca=2

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1415:9c00:6::1728:3475 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://news.itsblossom.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

x-amz-ir-id: 479a2b89-8896-4f9c-87ef-fe7656c3e06a
surrogate-key: x-cache-046 /images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/mp4_450Kbs_15fps_48khz_96Kbs_360p
expires: Sun, 09 Oct 2044 15:16:52 GMT
alt-svc: h3=":443"; ma=93600
x-cache: Hit from akamai
server-timing: provider;desc="ak"
date: Wed, 16 Oct 2024 08:08:40 GMT
content-type: video/mp4
last-modified: Wed, 02 Oct 2024 08:27:30 GMT
x-nginx-cache-status: HIT
akamai-cache-status: Hit from child
strict-transport-security: max-age=86400
cache-control: public, max-age=630572892
peer-cache: Hit
timing-allow-origin: https://news.itsblossom.com/
Content-Range: bytes 0-2066004/2066005
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 2066005
akamai-grn: 0.756f2717.1729066120.62dde1a
server: Server

GET
H2 206 mp4_450Kbs_15fps_48khz_96Kbs_360p.mp4
m.media-amazon.com/images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/ 34 KB
34 KB 372ms
94ms Media
video/mp4 2600:1415:9c00:6::1728:3475
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

QUIC, , AES_256_GCM

Server

2600:1415:9c00:6::1728:3475 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

c2ccc4e672ce8e6da9035e7dd7a44a3e5c9ab6dab8496e45195384e101bdfff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://news.itsblossom.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=2031616-

Response headers

x-amz-ir-id: 479a2b89-8896-4f9c-87ef-fe7656c3e06a
surrogate-key: x-cache-046 /images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/mp4_450Kbs_15fps_48khz_96Kbs_360p
expires: Thu, 06 Oct 2044 12:31:14 GMT
alt-svc: h3=":443"; ma=93600
x-cache: Hit from akamai
server-timing: provider;desc="ak"
date: Wed, 16 Oct 2024 08:08:41 GMT
last-modified: Wed, 02 Oct 2024 08:27:30 GMT
x-nginx-cache-status: HIT
content-type: video/mp4
akamai-cache-status: Hit from child
strict-transport-security: max-age=86400
cache-control: public, max-age=630303753
peer-cache: Hit
timing-allow-origin: https://news.itsblossom.com/
Content-Range: bytes 2031616-2066004/2066005
quic-version: 0x00000001
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 34389
akamai-grn: 0.bd6f2717.1729066121.25ba4707
server: Server

POST
H2 200 01jaa5y5y97rtgk9sbswv6agp1 Show response
rtb.voltaxam.com/videos/ 134 B
697 B 378ms
376ms Fetch
application/json 2600:9000:2212:9600:7:d444:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2212:9600:7:d444:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8fe73f4cb70999c58343d9b12bfab837820976ac9cebf4e4c4c87e06323cf1ed

Request headers

mmtarget: production-ssp
Referer: https://news.itsblossom.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-expose-headers: mm-env
content-encoding: gzip
mm-env: production-ssp
access-control-allow-methods: PUT, POST, DELETE, PATCH
x-cache: Miss from cloudfront
x-amz-cf-id: qQhepviupYuxm8GqlrUwXOpWLvuzCyhrYHaNQ45k-nhfecprMBm7PA==
date: Wed, 16 Oct 2024 08:08:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
cache-control: private,no-store
access-control-allow-credentials: true
via: 1.1 d984fdadf0cdecb9528648815c62416c.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
content-length: 139
x-amz-cf-pop: SYD62-P1

GET
H2 206 mp4_450Kbs_15fps_48khz_96Kbs_360p.mp4
m.media-amazon.com/images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/ 2 MB
0 94ms
94ms Media
video/mp4 2600:1415:9c00:6::1728:3475
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: news.itsblossom.com
URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f

Protocol

Security

QUIC, , AES_256_GCM

Server

2600:1415:9c00:6::1728:3475 , United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://news.itsblossom.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=32768-

Response headers

x-amz-ir-id: 479a2b89-8896-4f9c-87ef-fe7656c3e06a
surrogate-key: x-cache-046 /images/S/al-jp-eb5039ce-f881/5ff9256a-b272-4d89-9a49-990143c2156d.mp4/mp4_450Kbs_15fps_48khz_96Kbs_360p
expires: Thu, 06 Oct 2044 12:31:14 GMT
alt-svc: h3=":443"; ma=93600
x-cache: Hit from akamai
server-timing: provider;desc="ak"
date: Wed, 16 Oct 2024 08:08:41 GMT
last-modified: Wed, 02 Oct 2024 08:27:30 GMT
x-nginx-cache-status: HIT
content-type: video/mp4
akamai-cache-status: Hit from child
strict-transport-security: max-age=86400
cache-control: public, max-age=630303753
peer-cache: Hit
timing-allow-origin: https://news.itsblossom.com/
Content-Range: bytes 32768-2066004/2066005
quic-version: 0x00000001
accept-ranges: bytes
access-control-allow-origin: *
Content-Length: 2033237
akamai-grn: 0.bd6f2717.1729066121.25ba480b
server: Server

GET
H2 200 syncframe
gum.criteo.com/ Frame B87A 0
0 190ms
189ms Document
text/html 2406:2600:7:100::9
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=news.itsblossom.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.139.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://news.itsblossom.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 16 Oct 2024 08:08:40 GMT
server: Kestrel
server-processing-duration-in-ticks: 1637136
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H3 200 favicon.ico
kcdn.kueez.net/itsblossom-v3/1724058158597/icons/ 15 KB
15 KB 595ms
595ms Other
application/octet-stream 172.67.31.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kcdn.kueez.net/itsblossom-v3/1724058158597/icons/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.31.188 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfd86358c9a81ab8b083d0d12804deba200c2d1df8f24b9f5039b583d1479270

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cf-cache-status: REVALIDATED
etag: "1dd6161410386f053c387d671a1c02f6"
x-amz-request-id: QRJ460VAY8HXQSH5
cf-ray: 8d368ffbd8fd8667-PER
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
content-length: 15086
date: Wed, 16 Oct 2024 08:08:42 GMT
content-type: application/octet-stream
last-modified: Mon, 19 Aug 2024 09:03:07 GMT
vary: Accept-Encoding
server: cloudflare
x-amz-id-2: xaKjzIi8c74d8cG/zZV2r2x6MTQKpvr3rNLko7X+qWBl/9gWbM5XGZgpCkUYvH9FbynCK7CRMXo=

POST
H2 204 csi
csi.gstatic.com/ 0
57 B 392ms
391ms Ping
image/gif 2607:f8b0:4012:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=2~m2blbp8t&c=4133105877736&slotId=2066552938868&met.4=hvd_lc.m2blbp8s~hvd_src.m2blbp8s
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4012:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 08:08:42 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
content-type: image/gif
server: Golfe2

POST
H2 200 ads Show response
selector.voltaxam.com/ 126 B
618 B 266ms
264ms Fetch
application/json 108.158.20.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://selector.voltaxam.com/ads
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.20.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-20-100.syd62.r.cloudfront.net
Software: /
Resource Hash: 4bd0dc07fd8484c9cb6b0aa330cfe35bda22799520f74065c7a3f355e72f0baa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://news.itsblossom.com/

Response headers

x-region: us-west-2
cache-control: private,no-store
content-encoding: gzip
access-control-allow-methods: PUT, POST, DELETE, PATCH
via: 1.1 1b68da67ecd8210b43b9ded7550536ca.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 136
x-amz-cf-id: m317LXTcnM4M81Sy6t5buKrEnba3QGIxzB--z31E3np-uELhXsfIKw==
date: Wed, 16 Oct 2024 08:08:42 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-amz-cf-pop: SYD62-P3
access-control-allow-headers: X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget

GET
H2 200 %7B%22pid%22%3A%22jKrkXhukY4E3a%22%2C%22ns%22%3A1%2C%22fid%22%3A%221%22%2C%22fbrq%22%3A1729066117728%2C%22_type%22%3A%22latencyBd%22%2C%22a%22%3A2.10009765625%2C%22i%22%3A276.10009765625%2C%22j%22%...
aax.amazon-adsystem.com/x/px/JOlgbMdyKnWuf0Dnx3bOqHkAAAGSlF8rBwUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAGb2n7/ Frame 2FAA 43 B
329 B 469ms
468ms Image
image/gif 108.158.35.170
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aax.amazon-adsystem.com/x/px/JOlgbMdyKnWuf0Dnx3bOqHkAAAGSlF8rBwUAAAJYBABhcHNfdHhuX2JpZDEgICBhcHNfdHhuX2ltcDEgICAGb2n7/%7B%22pid%22%3A%22jKrkXhukY4E3a%22%2C%22ns%22%3A1%2C%22fid%22%3A%221%22%2C%22fbrq%22%3A1729066117728%2C%22_type%22%3A%22latencyBd%22%2C%22a%22%3A2.10009765625%2C%22i%22%3A276.10009765625%2C%22j%22%3A278%2C%22_tl%22%3A%22aps-tag%22%2C%22src%22%3A%22600%22%2C%22pubid%22%3A%2295550f43-0974-4ce7-9e2c-9558931ffc50%22%2C%22lv%22%3A%2224.827.1552%22%7D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-35-170.syd3.r.cloudfront.net
Software: Server /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: no-cache
content-encoding: gzip
pragma: no-cache
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: ZHzx9045Infe1v_L21w_z5wsHND4QT13XQ2Edr7DhOnok95AC9KSMg==
date: Wed, 16 Oct 2024 08:08:42 GMT
content-type: image/gif
x-amz-cf-pop: SYD3-P2
server: Server

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 184ms
182ms Fetch 67.199.150.87
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:43 GMT
access-control-allow-credentials: true

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 101ms
99ms Fetch
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ffdc3824a7ba6bd93c56f31bfb5583750635c140ab913cc937328c8607eaefa1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: 0
access-control-allow-origin: https://news.itsblossom.com
content-length: 173
x-prebid: pbs-java/3.13.0
content-type: application/json
vary: origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
555 B 182ms
179ms Fetch
application/json 51.79.154.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST v1
btlr.sharethrough.com/universal/ 0
0

POST prebid
ib.adnxs.com/ut/v3/ 0
0

POST 01jaa5y5y97rtgk9sbswv6agp1
rtb.voltaxam.com/videos/ 0
0

POST
H2 204 6683c24e08540a6ddbc93b21 Show response
exchange.kueezrtb.com/prebid/multi/ 0
1 KB 849ms
847ms Fetch 206.81.3.43
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.kueezrtb.com/prebid/multi/6683c24e08540a6ddbc93b21
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 206.81.3.43 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 979 B
1 KB 352ms
350ms Fetch
application/json 89.149.193.113
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 89.149.193.113 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: f84c946c11a48d48575ca7dbfcbaaa91af7c28ef2194ea051726fd6cdbc7f211

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

transfer-encoding: chunked
cache-control: no-cache,no-store
content-encoding: br
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
date: Wed, 16 Oct 2024 08:08:43 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding, Origin

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
555 B 287ms
283ms Fetch
application/json 51.79.154.29
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.79.154.29 Singapore, Singapore, ASN16276 (OVH, FR),

Reverse DNS

ip29.ip-51-79-154.net

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://news.itsblossom.com
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length: 41
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

POST unruly_prebid
targeting.unrulymedia.com/ 0
0

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
208 B 104ms
101ms Fetch
application/json 69.173.158.92
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.92 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 8fc07a580c8684dcdbe24b762c1c9d47514852481abf0f9b7cd847719dfa70c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
observe-browsing-topics: ?1
expires: 0
access-control-allow-origin: https://news.itsblossom.com
content-length: 173
x-prebid: pbs-java/3.13.0
content-type: application/json
vary: origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 114ms
103ms Fetch 67.199.150.87
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.199.150.87 Singapore, Singapore, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: https://news.itsblossom.com
date: Wed, 16 Oct 2024 08:08:43 GMT
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 416 B
633 B 203ms
198ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

f4d18d8573bab4e3c01e4dd6a676d538d17853a111a885c751a67b2d8bc28075

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 268
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 602 B
780 B 208ms
201ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

1cb07c65022c4a1b31b9b2a1b8ca59618f0a43d1e8163a0d0a713237c5654915

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 415
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 408 B
624 B 219ms
213ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

1421552a737df7b40a5fb8f531517a4e74cdaf75cf3431e1d337c9531f089e7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 259
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 402 B
633 B 416ms
410ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

26513593b369bd20d4074c35344bfbbc0d50824443a722c11fb5915fe19f601d

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 268
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 495 B
668 B 202ms
196ms Fetch
application/json 54.179.66.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

54.179.66.231 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-179-66-231.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e2ef281c7184935c3c5d366ea2d7d4df02eaa4f89bd04dc9d202485058ffb72b

Security Headers

Name	Value
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

x-openrtb-version: 2.5
strict-transport-security: max-age=16000000; includeSubDomains; preload;
access-control-allow-origin: https://news.itsblossom.com
content-encoding: gzip
content-length: 303
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 204 66ba2c78c2b11a2d14717b2b Show response
prebid.cootlogix.com/prebid/multi/ 0
997 B 912ms
907ms Fetch 198.211.110.247
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.cootlogix.com/prebid/multi/66ba2c78c2b11a2d14717b2b
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 198.211.110.247 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
cache-control: max-age=0, no-cache, must-revalidate, proxy-revalidate
content-length: 0
date: Wed, 16 Oct 2024 08:08:44 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, Content-Range, Cache-Control

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 592 B
1 KB 363ms
357ms Fetch
application/json 103.43.90.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.178 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

a0796a18d61391197f433e5e0edd061c26b7bd85fbe593590e115cc3a58e0b3d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://news.itsblossom.com/

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 103.108.231.84; 103.108.231.84; 591.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://news.itsblossom.com
an-x-request-uuid: 09bb7a4b-905d-4d8b-ac9e-c8ad2f35764b
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Wed, 16 Oct 2024 08:08:43 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
vary: Accept-Encoding
server: nginx/1.23.4

POST
H2 200 auction_end Show response
pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/ 60 B
223 B 238ms
236ms Fetch
application/json 35.92.206.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pb-ing-minutemedia.ccgateway.net/v1.0/parent/2960f87904/engagement/trigger/auction_end
Requested by: Host: mp.mmvideocdn.com
URL: https://mp.mmvideocdn.com/mini-player/prod/voltax_mp.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.92.206.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-92-206-26.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 7f03517e09c6abad4ce9968ecdae4906b9b918ecce3bfcd382274ea4f858d51d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type: application/json
Referer: https://news.itsblossom.com/

Response headers

access-control-allow-origin: https://news.itsblossom.com
content-length: 60
date: Wed, 16 Oct 2024 08:08:43 GMT
content-type: application/json; charset=utf-8
vary: Origin
access-control-allow-credentials: true

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ Frame 2FAA 482 B
681 B 285ms
284ms XHR
text/javascript 108.158.35.170
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnews.itsblossom.com%2Fen%2FsDzHSexkMOasgP8f&pid=jKrkXhukY4E3a&cb=2&ws=0x8&v=24.827.1552&t=5000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A10%2C%22id%22%3A%22MinuteMediaOutStream%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22704x396%22%5D%7D%5D&pj=%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22platform%22%3A%7B%22brand%22%3A%22%22%2C%22version%22%3A%5B%22%22%5D%7D%2C%22browsers%22%3A%5B%5D%7D%7D%7D&bb=%5B%22csngn4%22%5D&schain=1.0%2C1%21kueez.com%2Cbd44ade20c8ba1fefca57b320f325495%2C1%2C%2C%2C&sm=9a10bce2-6081-488f-824c-9624546cb978&pubid=95550f43-0974-4ce7-9e2c-9558931ffc50&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22ids%22%3A%7B%22audigent%22%3A%220001yum0eabkba98bciae6gibddj96ldclf786khdaabackkc2jl%22%2C%22id5%22%3A%22ID5*cUiQI4LzurHiDh-CIlHGiHY3I2ErldRM_qTMONvbRH3PIkdmVeilfO6knpRy0vUE%22%2C%22lotame%22%3A%2227cd7948efeefbb4d88273a8adf2185ca02cd1bb9594d3af7a4ca806f838fa28%22%2C%22pubcommon%22%3A%22295cd97a-293b-4644-9a45-56631a227001%22%7D%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.158.35.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-158-35-170.syd3.r.cloudfront.net
Software: Server /
Resource Hash: 9a5439abf0fae031cc682e4066901ed8176b38f3eb480f8dd156bf46675745cd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 db487bbf70af29af96ef50a3f5b469d4.cloudfront.net (CloudFront)
access-control-allow-origin: https://news.itsblossom.com
x-cache: Miss from cloudfront
content-length: 348
x-amz-cf-id: It2k19TyreaNt6GdXpFDR6eBKbRuHoc5AhYoxQS_OQ1HCbxMDoMoVQ==
date: Wed, 16 Oct 2024 08:08:43 GMT
content-type: text/javascript;charset=UTF-8
x-amz-cf-pop: SYD3-P2
server: Server

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: shb.richaudience.com
URL: https://shb.richaudience.com/hb/

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prebid.cootlogix.com
URL: https://prebid.cootlogix.com/prebid/multi/6703d4e4a2030208727d048a

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: exchange.kueezrtb.com
URL: https://exchange.kueezrtb.com/prebid/multi/65083dbf2854c461afc130bd

Domain: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=&google_gid=CAESEI_uuyqyEWEOfhQo6IH-bkE&google_cver=1

Domain: api.rlcdn.com
URL: https://api.rlcdn.com/api/identity/envelope?pid=1356

Domain: cookie-matching.mediarithmics.com
URL: https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=1470867526730679273&opid=apx&ops=&utidl=tech:goo:CAESEIbJm3CwF87lt-dSgqcPf3o&sd=Y2FzY2FkZXNSZW1haW5pbmc9MiZjYXNjYWRlc0RvbmU9NyZpbml0aWF0aW5nUGFydG5lcj0xMDY0JmZvcm1hdD1naWYm&gdpr_consent=&gdpr=0&action=GET_ID&etid=&domid=1033

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: btlr.sharethrough.com
URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: rtb.voltaxam.com
URL: https://rtb.voltaxam.com/videos/01jaa5y5y97rtgk9sbswv6agp1

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Verdicts & Comments Add Verdict or Comment

223 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

161 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.3lift.com/sync	1970-01-21 02:27:22	Name: sync Value: CgkIOhDrxfyiqTI=
.news.itsblossom.com/	1970-01-21 00:17:49	Name: kls_abtv Value: a
.news.itsblossom.com/	1970-01-21 09:03:22	Name: yoto_uid Value: 1fcfa87d2fcf5bd4:1
.kueezrtb.com/	1970-01-21 02:27:22	Name: kuid Value: 3e11f6ca80bac61e
.3lift.com/	1970-01-21 02:27:22	Name: receive-cookie-deprecation Value: 1
prebid.media.net/	1970-01-21 04:36:58	Name: receive-cookie-deprecation Value: 1
.crwdcntrl.net/	1970-01-21 06:46:34	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 06:46:34	Name: _cc_id Value: e346566fb1ad789f3851e1a24173937e
.itsblossom.com/	1970-01-21 06:46:34	Name: _cc_id Value: e346566fb1ad789f3851e1a24173937e
.itsblossom.com/	1970-01-21 00:27:50	Name: panoramaId_expiry Value: 1729670911658
.itsblossom.com/	1970-01-21 00:27:50	Name: panoramaId Value: 27cd7948efeefbb4d88273a8adf2185ca02cd1bb9594d3af7a4ca806f838fa28
.itsblossom.com/	1970-01-21 00:27:50	Name: panoramaIdType Value: panoDevice
.onetag-sys.com/	1970-01-21 09:47:32	Name: OTP Value: naehcs-gWIEzQ0bNcueaue6f279rUs6WP7UWVzMNpkA
.openx.net/	1970-01-21 09:03:22	Name: i Value: 4868f508-d9ed-4a15-9bcc-21ce2592eee6\|1729066111
.rubiconproject.com/	1970-01-21 09:03:22	Name: khaos Value: M2BLBIAL-A-9ZFL
.lijit.com/	1970-01-21 09:03:22	Name: ljt_reader Value: JgUoABZHn8BW5yWCRZSYn8WU
.criteo.com/	1970-01-21 09:39:22	Name: uid Value: 3a0ea4dd-f2d2-4868-b793-434644f436ff
.criteo.com/	1970-01-21 09:39:22	Name: receive-cookie-deprecation Value: 1
.omnitagjs.com/	1970-01-21 01:00:58	Name: ayl_visitor Value: 5590a8a59b7dbe338d8fe6356812923e
.disqus.com/	1970-01-21 09:03:22	Name: zeta-ssp-user-id Value: ua-b9230f08-933d-3a6d-b536-2fdd7e6f48c1
.smartadserver.com/	1970-01-21 09:03:22	Name: pbw Value: %24b%3d16999%3b%24o%3d99999
.smartadserver.com/	1970-01-21 09:03:22	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-21 00:19:12	Name: sasd Value: %24qc%3D1314424703%3B%24ql%3DUnknown%3B%24qpc%3D4724%3B%24qt%3D164_2256_185362t%3B%24dma%3D0%3B%24qo%3D7
.smartadserver.com/	1970-01-21 09:03:22	Name: pid Value: 5626527542043584697
.smartadserver.com/	1970-01-21 00:19:12	Name: sasd2 Value: q=%24qc%3D1314424703%3B%24ql%3DUnknown%3B%24qpc%3D4724%3B%24qt%3D164_2256_185362t%3B%24dma%3D0%3B%24qo%3D7&c=1&l&lo&lt=638646629123080316&o=1
.adnxs.com/	1970-01-21 02:27:22	Name: icu Value: ChkIxLSbARAKGAEgASgBMIDpvbgGOAFAAUgBEIDpvbgGGAA.
.adnxs.com/	1970-01-21 09:53:46	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 02:27:22	Name: XANDR_PANID Value: 4RQGCVPO2sEo3W0S0Cx7THA8HXbGulES6VvfwJt6Y53IfmI-VvjQsklSymX5gNRBpO5VtFvYKDbwAv84dRCzy9M6Wm3iGqqpuswUuu2hnzc.
.adnxs.com/	1970-01-21 02:27:22	Name: uuid2 Value: 1470867526730679273
.cootlogix.com/	1970-01-21 01:00:58	Name: vdz_sync Value: 218311c4-4448-ab4f-e651-04743b54e948
.cootlogix.com/	1970-01-21 00:17:47	Name: vdzj1_54eb012b Value: 2iv12MuIX4uKIh4klNlc5OUYBJSwaR0lWFld%2FalIQfn4LVg8KekctbAFGc3hbAF5dfRRrdBZDeXkJBl1bfRcsO1YTKXBfAV9be0J5OVBXZ2teB1ldL0VwbgNEenFcAVMPfEx4bFVAfnxKGElZK0YsbARNcioKA1wNe0V5aQMWKH1dUF9OYVd%2Fag1BfH0NAQ1fdUcsOwVCL3kKDFlUe01rdBZALXpdBw5edRF%2BbABEKHlYBVwILhB%2BO1ZXFmVKVwQZIwFrYgRZaS4MRBlOdw40dBYGLjobXQQCb09raVYUfipYDVtBfBd%2FbhkXc3kKGV8PfBNkOQIQLnsKDQgJKEQrehhXKCYGWg4PORwmNn0RaXNKAlxcfhF9PQAUeXlbBFlcdUJ7b1BFf3EJFhY%3D
.ad.gt/	1969-12-31 23:59:59	Name: au_3p_check Value: 1
.voltaxam.com/	1969-12-31 23:59:59	Name: rtbUserID Value: 01jaa5y5y97rtgk9sbswv6agp1
news.itsblossom.com/	1970-01-21 00:18:15	Name: ccsid Value: 2eb7fda9-24e7-4d98-aec2-3e058954f9fe
.itsblossom.com/	1970-01-21 09:03:22	Name: _au_1d Value: AU1D-0100-001729066113-RW8U20VP-7TQL
.ccgateway.net/	1970-01-21 02:25:55	Name: ccuid Value: 8774333e-c6cb-4b8b-b213-7564197c4509
.ladsp.com/	1970-01-21 00:17:49	Name: cr Value: 1
.pubmatic.com/	1970-01-21 02:27:22	Name: KTPCACOOKIE Value: true
.adsrvr.org/	1970-01-21 09:03:22	Name: TDID Value: d001ba32-7b2e-44c7-9ae9-462456187448
.pubmatic.com/	1970-01-21 09:03:22	Name: KADUSERCOOKIE Value: 07C8E0F4-267D-4F22-8720-365BFFCD3A57
.sharethrough.com/	1970-01-21 01:00:58	Name: stx_user_id Value: e8af3322-a148-4344-97c0-e3f692d131e3
news.itsblossom.com/	1970-01-21 00:17:49	Name: _lr_retry_request Value: true
news.itsblossom.com/	1970-01-21 01:00:58	Name: _lr_env_src_ats Value: false
.ladsp.com/	1970-01-21 09:53:46	Name: smn_uid Value: Kzhda6dtCNpEgpF9-RuYgiDtMsI3qPc
.ladsp.com/	1970-01-21 09:53:46	Name: lum Value: CJ-0_KKpMhIFCAMQ0AU
.tapad.com/	1970-01-21 01:44:10	Name: TapAd_TS Value: 1729066113555
.tapad.com/	1970-01-21 01:44:10	Name: TapAd_DID Value: 198cd94c-4256-4cca-a638-2ca68b26c2d0
.itsblossom.com/	1970-01-21 09:53:46	Name: _ga_FVWZ0RM4DH Value: GS1.1.1729066113.1.0.1729066113.60.0.0
.360yield.com/	1970-01-21 02:27:22	Name: tuuid Value: 5d4f086c-6050-4cda-898d-8387d833bbd1
.360yield.com/	1970-01-21 02:27:22	Name: tuuid_lu Value: 1729066113
.ad.gt/	1970-01-21 09:03:22	Name: au_id Value: AU1D-0100-001729066113-RW8U20VP-7TQL
.rubiconproject.com/	1970-01-21 09:03:22	Name: khaos_p Value: M2BLBIAL-A-9ZFL
.rubiconproject.com/	1970-01-21 02:27:22	Name: receive-cookie-deprecation Value: 1
news.itsblossom.com/	1970-01-21 02:26:24	Name: ccuid Value: 8774333e-c6cb-4b8b-b213-7564197c4509
news.itsblossom.com/	1970-01-21 00:19:12	Name: _lr_geo_location Value: AU
.kueezrtb.com/	1970-01-21 01:00:58	Name: vdz_sync Value: 8bab6b29-22f3-d732-9ab6-9764588ec0a1
.tapad.com/	1970-01-21 01:44:10	Name: TapAd_3WAY_SYNCS Value: 1!6968
.doubleclick.net/	1970-01-21 09:53:46	Name: IDE Value: AHWqTUmiEZhNJkO4NW3zgUDFLyfoCDjIJ3emmeo5gn02OToFZAmozYhTAnY05zFo
.bidswitch.net/	1970-01-21 09:03:22	Name: tuuid_lu Value: 1729066114
.bidswitch.net/	1970-01-21 09:03:22	Name: tuuid Value: 0ff9aa47-d50f-4262-a58b-d5a3a194edbc
.bidswitch.net/	1970-01-21 09:03:22	Name: c Value: 1729066114
.casalemedia.com/	1970-01-21 09:03:22	Name: CMID Value: Zw90gosFVUMAAAXTAFxpVQAA
.casalemedia.com/	1970-01-21 02:27:22	Name: CMPS Value: 4747
.casalemedia.com/	1970-01-21 02:27:22	Name: CMPRO Value: 4747
.3lift.com/	1970-01-21 02:27:22	Name: tluidp Value: 2099701292308855099479
.3lift.com/	1970-01-21 02:27:22	Name: tluid Value: 2099701292308855099479
.socdm.com/	1970-01-21 09:53:46	Name: SOSYNC Value: anNvbjp7Im9wZW54IjoxNzI5MDY2MTE0fQ
.a-mo.net/	1970-01-21 00:19:12	Name: _sv3_0 Value: 1
.a-mo.net/	1970-01-21 09:03:22	Name: amuid2 Value: 555df71d-e616-4de5-b020-53af6b59a098
.a-mo.net/	1970-01-21 09:03:22	Name: pamuid2 Value: 555df71d-e616-4de5-b020-53af6b59a098
.prebid.a-mo.net/	1970-01-21 09:03:22	Name: psd_amuid2 Value: 555df71d-e616-4de5-b020-53af6b59a098
.prebid.a-mo.net/	1970-01-21 09:03:22	Name: sd_amuid2 Value: 555df71d-e616-4de5-b020-53af6b59a098
.adx.opera.com/	1970-01-21 09:03:22	Name: UID Value: OPU66533994617a40d5a46a4008a40caf0d
.yieldmo.com/	1970-01-21 09:03:22	Name: yieldmo_id Value: VeyIvMM6r5MpMECoCAq9%7C1729036800000%7C0
.pubmatic.com/	1970-01-21 02:27:22	Name: KRTBCOOKIE_80 Value: 22987-CAESEKylfIG6Hy7AxOmL-phcKJQ&KRTB&16514-CAESEKylfIG6Hy7AxOmL-phcKJQ&KRTB&23025-CAESEKylfIG6Hy7AxOmL-phcKJQ&KRTB&23386-CAESEKylfIG6Hy7AxOmL-phcKJQ
.pubmatic.com/	1970-01-21 02:27:22	Name: SyncRTB4 Value: 1730246400%3A220_201
.yahoo.com/	1970-01-21 09:03:43	Name: A3 Value: d=AQABBIJ0D2cCEKmaq0nmiNXrJEp2HF7BQoYFEgEBAQHGEGcZZwAAAAAA_eMAAA&S=AQAAAk45TRRGwjkv8gm5HxMhzEg
.go.sonobi.com/	1970-01-21 09:03:22	Name: __uis Value: ac4939f3-47c1-48d8-86d5-07e973bce8d9
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB3G Value: s3530\|Zw90h
.linkedin.com/	1970-01-21 09:03:22	Name: bcookie Value: "v=2&fff47f42-95c2-41a8-8cb2-ffc2fabad387"
.linkedin.com/	1970-01-21 00:19:12	Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=3023:u=1:x=1:i=1729066114:t=1729152514:v=2:sig=AQFjphY1eMdlDxXrfBChF50j5AfUnnPf"
.quantserve.com/	1970-01-21 09:48:00	Name: mc Value: 670f7482-c6b37-0bb5a-a3fa4
.quantserve.com/	1970-01-21 02:27:22	Name: sp Value: CgkIuYoDEgMQ1Q0=
.a-mo.net/	1970-01-21 00:19:12	Name: _sv3_13 Value: 1
.criteo.com/	1970-01-21 09:39:22	Name: cto_bundle Value: 5SfSdV9hQ0J4TGxacWk5YTE3MVRIYUV6NEYlMkJzRjNUemgzb3FVbSUyRmolMkZrU2FHV3NOQWRUYmRtczJFJTJCeThQZEolMkZHZUxLdzd0dGEyWms0QlhnJTJGNzgySFlJejZrbHVvdXE4enVRMnp0NXRLS2R1ZWFTOGF5R2JhTHhBcmZMZjVndGQwVEVXamxGTzhqVG5iWDJCVXdtU1BFOElOQnclM0QlM0Q
.itsblossom.com/	1970-01-21 09:39:50	Name: cto_bidid Value: yIIsHl9NeEZ2VFN2Z2hHdVQzWjdkRmQlMkJFb21KWW03d2JadCUyRk1HcDdkMWhld3JBQ09aUEtqMWZoTExZeUVPRFlBdE50OVV0ZGpXJTJCRSUyRlJKRDglMkJqTkRqcFM0MEFGVjNoUnZNRGN6WklySXMxWVZjTTNnWTNwa2UlMkYwS2p4MDNwMGZIUHh0Uw
.contextweb.com/	1970-01-21 08:56:10	Name: V Value: 8TwRbhWzax86
.contextweb.com/	1970-01-21 08:56:10	Name: VP Value: part_8TwRbhWzax86
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 03f2a4e851751a57
.bidr.io/	1970-01-21 09:46:19	Name: bito Value: AAB6bU7OHukAABS79uHuPg
.bidr.io/	1970-01-21 09:46:19	Name: bitoIsSecure Value: ok
.sportradarserving.com/	1970-01-21 09:01:55	Name: zuuid Value: 5617fb2f-37dd-4d3e-b0c0-4c75d81eac33
.sportradarserving.com/	1970-01-21 09:01:55	Name: c Value: 1729066114
.media.net/	1970-01-21 09:03:22	Name: visitor-id Value: 3720677159035665000V10
.amazon-adsystem.com/	1970-01-21 09:53:46	Name: ad-privacy Value: 0
.a-mo.net/	1970-01-21 00:19:12	Name: _sv3_2 Value: 1
.sportradarserving.com/	1970-01-21 09:01:55	Name: zuuid_lu Value: 1729066115
.sportradarserving.com/	1970-01-21 09:01:55	Name: zuuid_k Value: 1
.sportradarserving.com/	1970-01-21 09:01:55	Name: zuuid_k_lu Value: 1729066115
.amazon-adsystem.com/	1970-01-21 06:29:17	Name: ad-id Value: A4l5teqwMELhtWSZolfH8nQ
.primis.tech/	1970-01-21 00:53:46	Name: csuuid Value: 670f7483134d3
.csync.loopme.me/	1970-01-21 02:30:14	Name: viewer_token Value: 577f409b-003d-450c-a2e8-f945e76bfeae
.a-mo.net/	1970-01-21 00:19:12	Name: _sv3_14 Value: 1
.itsblossom.com/	1970-01-21 09:53:46	Name: _ga Value: GA1.2.422910039.1729066114
.itsblossom.com/	1970-01-21 00:19:12	Name: _gid Value: GA1.2.1481722651.1729066116
.a-mx.com/	1970-01-21 09:03:22	Name: amdt_t Value: p::1729066115679
.a-mx.com/	1970-01-21 09:03:22	Name: amdt_t Value: p::1729066115679
.a-mx.com/	1970-01-21 09:03:22	Name: amuid2 Value: 555df71d-e616-4de5-b020-53af6b59a098
.a-mx.com/	1970-01-21 09:03:22	Name: amuid2 Value: 555df71d-e616-4de5-b020-53af6b59a098
.lijit.com/	1970-01-21 09:03:22	Name: _ljtrtb_80 Value: M2BLBIAL-A-9ZFL
.admanmedia.com/	1970-01-21 00:37:53	Name: admtr Value: 4fe2a539-ff2a-4cb8-8f56-2bacc1417a2c
.admanmedia.com/	1970-01-21 00:37:53	Name: ac_r Value: CS112
.a-mo.net/	1970-01-21 00:19:12	Name: _sv3_8 Value: 1
.intentiq.com/	1970-01-21 09:53:46	Name: IQver Value: 1.9
.intentiq.com/	1970-01-21 09:53:46	Name: intentIQ Value: u0rALshATV
.pubmatic.com/	1970-01-21 00:19:12	Name: pi Value: 164363:3
.pubmatic.com/	1970-01-21 02:27:22	Name: chkChromeAb67Sec Value: 3
.intentiq.com/	1970-01-21 09:53:46	Name: ASDT Value: 0
.intentiq.com/	1970-01-21 09:53:46	Name: CSDT Value: UEQ6MTUxMDZfMCZVUkx0REVt
.intentiq.com/	1970-01-21 09:53:46	Name: intentIQCDate Value: 1729066115967
.intentiq.com/	1970-01-21 01:00:58	Name: IQMID Value: 1735190356#1729066115968
.intentiq.com/	1970-01-21 09:53:46	Name: IQPData Value: 1735190356#1729066115964#0#1729066115964
.id5-sync.com/	1970-01-21 02:27:22	Name: id5 Value: 0c6a7458-a886-7ec5-b5c9-1783c63de8b6#1729066114356#4
.admixer.net/	1970-01-21 02:27:22	Name: am-uid Value: 1ef4a92e8d8f4b209c524f7edc6a232f
news.itsblossom.com/	1970-01-21 00:19:12	Name: _lr_sampling_rate Value: 100
.pubmatic.com/	1970-01-21 02:27:22	Name: KRTBCOOKIE_699 Value: 22727-AAB6bU7OHukAABS79uHuPg
.pubmatic.com/	1970-01-21 01:00:58	Name: PugT Value: 1729060271
.richaudience.com/	1970-01-21 01:00:58	Name: pdid Value: 3ed59b28-d0b1-4616-9e95-1zz1729066116
.openx.net/	1970-01-21 00:39:22	Name: pd Value: v2\|1729066112.4\|lYvOjEiuhI.ia
.adform.net/	1970-01-21 01:02:24	Name: C Value: 1
.ymmobi.com/	1970-01-21 08:56:10	Name: ym_user_cookie Value: ym_user_d9ffee93-844b-4db6-ae1c-276ef2f9226c
.dotomi.com/	1970-01-21 00:17:46	Name: DotomiTest Value: 234434ab7e5621ea
.lijit.com/	1970-01-21 09:03:22	Name: _ljtrtb_26 Value: 0ff9aa47-d50f-4262-a58b-d5a3a194edbc
.contextweb.com/	1970-01-21 09:03:22	Name: pb_rtb_ev Value: 3-1u83\|7dN.0.AAB6bU7OHukAABS79uHuPg
.contextweb.com/	1970-01-21 09:03:22	Name: pb_rtb_ev_part Value: 3-1u83\|7dN.0.AAB6bU7OHukAABS79uHuPg
.adform.net/	1970-01-21 01:44:10	Name: uid Value: 8077868095493991453
.cootlogix.com/	1970-01-21 00:17:47	Name: vdzj1_d9cbadb4 Value: qsw15ZX05Tcn6Kaptns1IXpAVCYXAFM5ElJONVEHaD5VAGMADFItVkIQWkYCYmkDAWFSXldpTVJCXENQaG4HBTYGDVQtA0lDW0cGbG8AVDBBQhR9UkJFDEMIbG8BBGxXWw4oUElFWhIEb20SGXZWCAUuVUBMVxBTbW9RA2RTXwEoAkRBCkcTdnoGB21XWQIuVBZHVkFUOWkHUWQBVgRzV0hWQlEEPGsFBjFRVlJ8VURFDUMBa29UVjFUDVRpTVJCWEcAPm0CUGJVDAR8VUAWWRAJYm4CAm1BQhR9UEJBX0NQPjkEBmcCWAZ7UEdMWUYBbGwSaHhBDVk%2BDwRWVEIdeD9URSZBVE1pCAMxO1ELPDlcRjFPTFEvEQJWVFEBeHQSUjATHHUkDwMRAAcTYHoSGXYWHWY5CAYVDQoTYHoSGXYEHkZpW1JWQlFWKihjXDBBVBRpHFxWHRZCKTFfW3ZZTAcpAEUXXkoBd2lSA2JODA57A11ADUJXdzkGUDFRDA8oBBVFDFEdeDtfWzoGDUIiDh49ClELeG4GVzVRDQFzAkIWX0JQaDwBAWNSWVR5A1JYTBpCEzVRUjFBVEI5FBUJ
.eexsync.com/	1970-01-21 00:27:50	Name: CID Value: b7b2e26a019c09332275ccd62b1ea04eae1c0279
.rubiconproject.com/	1970-01-21 09:03:22	Name: audit_p Value: 1\|WD0cx+9RTMIhq0ElsDYnr0vjZfuaiEilpYXSHN9NznkNxbqGdhVrQY0ikFNAhEmJO0zX6w8InpDMIKd0g+rgSEDjpxCAwqqinNTglat5Vb/PFOqPSQpAaKZr5ZVxLWDe
.rubiconproject.com/	1970-01-21 09:03:22	Name: audit Value: 1\|WD0cx+9RTMIhq0ElsDYnr0vjZfuaiEilpYXSHN9NznkNxbqGdhVrQY0ikFNAhEmJO0zX6w8InpDMIKd0g+rgSEDjpxCAwqqinNTglat5Vb/PFOqPSQpAaKZr5ZVxLWDe
.richaudience.com/	1970-01-21 02:27:22	Name: avcid-sov-uid Value: JgUoABZHn8BW5yWCRZSYn8WU
.lijit.com/	1970-01-21 09:03:22	Name: _ljtrtb_27 Value: d001ba32-7b2e-44c7-9ae9-462456187448
.turn.com/	1970-01-21 04:36:58	Name: uid Value: 2351121154668339730
.sitescout.com/	1970-01-21 09:03:22	Name: ssi Value: 0b932f23-624f-4b88-b2f2-e423769dfb3f#1729066117533
.smaato.net/	1970-01-21 00:48:00	Name: SCM Value: 9ae32fa093
.smaato.net/	1970-01-21 00:48:00	Name: SCMsas Value: 9ae32fa093
.sitescout.com/	1970-01-21 01:00:58	Name: _ssuma Value: eyI0OCI6MTcyOTA2NjExNzg1NiwiMzkiOjE3MjkwNjYxMTc4NTYsIjciOjE3MjkwNjYxMTc4NTZ9
.smartadserver.com/	1970-01-21 09:03:22	Name: csync Value: 22:8077868095493991453\|100:8e4d5da9-e1a8-4a8e-8688-571a67a606dd\|127:AAB6bU7OHukAABS79uHuPg\|133:9ae32fa093\|147:e8af3322-a148-4344-97c0-e3f692d131e3
.1rx.io/	1970-01-21 09:03:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004%22%2C%22nxtrdr%22%3Afalse%7D
.lijit.com/	1970-01-21 09:03:22	Name: ljtrtb Value: eJwNyrENxCAMAMBdXMeScQzG6UIR6SV%2BgXQmwBKv3z2UJ90POMEBNKe5i2KPNFE4MXrMbdF3Dyajtwc2YF23E4XmO6M2HijyKJoPQ0ksMYWsInndTOt%2BudTyOSueaPdV4f8CKn8baA%3D%3D
.lijit.com/	1970-01-21 09:03:22	Name: _ljtrtb_16 Value: 0b932f23-624f-4b88-b2f2-e423769dfb3f-670f7485-5553
.adsrvr.org/	1970-01-21 09:03:22	Name: TDCPM Value: CAESGwoMc2hhcmV0aHJvdWdoEgsI6pLbr_jwtj0QBRIUCgV0YXBhZBILCMLioLL48LY9EAUSFgoHcnViaWNvbhILCJzQ2rT48LY9EAUSFgoHc3Z4OXQ1MBILCMaxxMX48LY9EAUYASABKAIyCwi2hbuMj_G2PRAFOAFaBzhoOXUxMWhgAg..
.targeting.unrulymedia.com/	1970-01-21 09:03:22	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-d8b0c280-2178-4217-a6f1-b23d7e0a12c4-004%22%7D
.kueezrtb.com/	1970-01-21 00:17:47	Name: vdzj1_b41c5618 Value: BDo14sZL6BsQSltyW5oCHg8VzAHPzYeB1ttbk1FaXtSckJlZFUXSmEHXUJtL1chEmljDUNbexdZQG0tAHNAaWBfRE5gAFdBaX8HJ0pnMlpWVXUDXBc8KAR3QWRnDkMYNVdfQTx9A3FFZGVOWFthBlgSbyoFIUcyZwpGGGZXWEU5ewN2FTNxQFZPZAUJR2h%2BUnBEZzcOFh9gDVtGOS4PehFzf05CSmBUWktrdAcjEGdnXkNNYw1ZFWkpUHFRfXFaR042A18QPHhVdhVjMl0WTmFWWEY4egBgX3NlX0FPNQddQjt8AycVYzVUQEg2AlhKYnQUblFnYFsVT2ZTW0I7LwB2QWZnWExPMQ0KEThua25RMjwZGg11D1pfeCtSMgFzaRdWECRwOlFgKlcuADR%2FThMdJ0dNSXh8FG5RNjccBjo4WxwWNDgUeFFzf04BCgdHBgU7L09gSXNxQFYeJ0VNSXhuGmAUISM%2FHR11D01RJ2AUMRYiIAUbF3UPTUM4eQAkFWE3QUEbMQJCQG1%2BBG9KZDZcWUhgU1YVOHQFd0phYE5YWzRaAR0%2FL0IrHD8aCFZDdQNZS2kvBHYWYWtZQEk2AwsXOC8PcRFjYk5YWz5GJh47K1NgSSUhGREE
.semasio.net/	1970-01-21 09:03:22	Name: SEUNCY Value: AB1F720463211B4C
.id5-sync.com/	1970-01-21 02:27:22	Name: 3pi Value: 112#1729066120864#1457300593#AB1F720463211B4C\|2#1729066118489#-2131267986#1470867526730679273\|264#1729066118906#1024651602#d001ba32-7b2e-44c7-9ae9-462456187448\|10#1729066117352#-1391562236#3706714843346917126\|108#1729066117899#-304484646
.doubleclick.net/	1970-01-21 01:00:58	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 04:36:58	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-21 04:36:58	Name: APC Value: AfxxVi7ai-YFo2ECK136oD8fETj76p8NjoOfWVsnkkzBu7G_YrG4jQ
.doubleclick.net/	1970-01-21 04:36:58	Name: __Secure-EPC Value: AZoQ-q_nG02yOGl-EJ8Qto7qI6K7qg3lF9DN9tlO9rE0OPjHidk8
.itsblossom.com/	1970-01-21 09:39:22	Name: cto_bundle Value: xY0OXF9DQ2kyRkFINFV4Y3NGMiUyQnNjdVJ1am84M0ZlVHBaMTdTVklxaVZYJTJCUHBMVVkyMUp1SjNxMkZ4SGY0RUt2bWlhSVl4SFdrdFZXR0FoVVZuJTJCWGsyVHlqNWlaODV1d2ZRWDZyelNuWG5vWDhScnhRU21FWnFqbm0zTGpWekJDVVIxdmQwbzA2OVhLNmxaNEVReUdhTnNHVmclM0QlM0Q

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://news.itsblossom.com/en/sDzHSexkMOasgP8f Message: Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=1356' from origin 'https://news.itsblossom.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1356 Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
aax.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
ads.yieldmo.com
analytics.google.com
ap.lijit.com
api.rlcdn.com
ats.rlcdn.com
bcp.crwdcntrl.net
bh.contextweb.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.hadronid.net
cdn.id5-sync.com
ce.lijit.com
check.analytics.rlcdn.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
config.aps.amazon-adsystem.com
content.voltaxservices.io
cookie-matching.mediarithmics.com
cs.admanmedia.com
cs.media.net
csi.gstatic.com
csync.loopme.me
d0.eu-3-id5-sync.com
d0.eu-4-id5-sync.com
d1.eu-3-id5-sync.com
d1.eu-4-id5-sync.com
d2.eu-3-id5-sync.com
d2.eu-4-id5-sync.com
d3.eu-3-id5-sync.com
d3.eu-4-id5-sync.com
d4.eu-3-id5-sync.com
d4.eu-4-id5-sync.com
d5.eu-3-id5-sync.com
d5.eu-4-id5-sync.com
d6.eu-3-id5-sync.com
d6.eu-4-id5-sync.com
d7.eu-3-id5-sync.com
d7.eu-4-id5-sync.com
data.adsrvr.org
eb2.3lift.com
eexsync.com
equativ-match.dotomi.com
eu-u.openx.net
eus.rubiconproject.com
events3.bqstreamer.com
exchange.kueezrtb.com
factor-service.prod.voltaxservices.io
fastlane.rubiconproject.com
firstmedia2-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
google-bidout-d.openx.net
grid.bidswitch.net
gtrack.news.itsblossom.com
gum.criteo.com
gw-iad-bid.ymmobi.com
hb-api.omnitagjs.com
hb.minutemedia-prebid.com
hb.yellowblue.io
hbopenbid.pubmatic.com
ib.adnxs.com
id.a-mx.com
id.hadron.ad.gt
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image8.pubmatic.com
images2.minutemediacdn.com
imasdk.googleapis.com
inv-nets.admixer.net
kcdn.kueez.net
lb.eu-1-id5-sync.com
m.media-amazon.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mp.mmvideocdn.com
mug.criteo.com
news.itsblossom.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
otrack.kueez.net
p.ad.gt
pagead2.googlesyndication.com
pb-ing-minutemedia.ccgateway.net
pb-rtd-minutemedia.ccgateway.net
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
players.voltaxservices.io
posts-cdn.kueez.net
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.cootlogix.com
prebid.media.net
prediction.voltaxam.com
prg.smartadserver.com
proton.ad.gt
rtb-csync.smartadserver.com
rtb.openx.net
rtb.voltaxam.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
seg.ad.gt
selector.voltaxam.com
shb.richaudience.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static-cdn.kueez.net
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.cootlogix.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.kueezrtb.com
sync.richaudience.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
targeting.unrulymedia.com
td.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
track.news.itsblossom.com
u.kueezrtb.com
u.openx.net
us-u.openx.net
vms-videos.minutemediaservices.com
www.google-analytics.com
www.google.com.au
www.googletagmanager.com
x.bidswitch.net
ads.pubmatic.com
api.rlcdn.com
btlr.sharethrough.com
cookie-matching.mediarithmics.com
exchange.kueezrtb.com
ib.adnxs.com
prebid.cootlogix.com
prg.smartadserver.com
rtb.voltaxam.com
shb.richaudience.com
targeting.unrulymedia.com
100.20.154.212
103.253.24.65
103.43.90.178
108.158.20.100
108.158.30.125
108.158.32.16
108.158.32.44
108.158.35.170
13.35.147.103
13.35.147.54
131.153.206.100
135.125.140.162
135.125.146.80
135.125.146.82
141.95.98.64
142.250.204.2
142.250.67.3
142.251.221.67
142.251.221.74
146.190.215.179
148.251.40.153
15.197.193.217
151.101.130.49
162.19.138.82
172.217.167.66
172.217.167.98
172.64.151.101
172.67.31.188
172.67.73.228
18.136.40.208
18.179.103.44
18.67.93.18
182.161.73.136
185.84.60.20
198.211.110.247
2001:4860:4802:34::181
206.81.3.43
207.65.33.82
23.106.127.170
23.106.50.37
23.108.103.8
23.198.52.22
23.221.133.65
23.52.225.82
2404:6800:4003:c0f::9b
2404:6800:4006:809::2006
2404:6800:4006:80b::200a
2404:6800:4006:80f::200a
2404:6800:4006:811::2008
2404:6800:4006:814::2002
2404:6800:4006:814::200e
2406:2600:7:100::1
2406:2600:7:100::2a
2406:2600:7:100::9
2600:1415:9c00:6::1728:3475
2600:9000:2083:ac00:1:96ec:5bc0:93a1
2600:9000:2212:3600:e:8add:c340:93a1
2600:9000:2212:8200:e:8add:c340:93a1
2600:9000:2212:9600:7:d444:a240:93a1
2600:9000:2212:c200:7:d444:a240:93a1
2600:9000:2212:f400:3:25e2:740:93a1
2600:9000:2215:ce00:1a:7b6f:2940:93a1
2600:9000:277a:800:14:3f07:afc0:93a1
2600:9000:277c:f600:1b:5138:8a40:93a1
2602:803:c006:158::65
2606:4700:10::6816:1795
2606:4700:10::6816:227b
2606:4700:10::6816:35ad
2606:4700:10::6816:445
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:10::ac43:266a
2606:4700:20::681a:367
2607:f350:1:2569:0:10:0:d
2607:f8b0:4012:80a::2003
2620:116:800e:21:6c50:dbee:bef5:203d
2a02:fa8:c411:13::1400
2a04:4e42:200::311
2a04:4e42:4f::820
3.0.107.214
3.168.86.71
3.218.235.254
34.102.146.192
34.111.113.62
34.120.107.143
34.120.63.153
34.168.25.131
34.209.246.226
34.36.216.150
34.98.64.218
35.213.7.90
35.214.236.216
35.227.252.103
35.92.206.26
37.157.2.229
44.229.114.113
47.253.61.56
50.116.239.135
51.195.115.36
51.195.126.30
51.195.127.100
51.195.34.220
51.195.73.113
51.195.73.74
51.195.73.82
51.79.152.76
51.79.154.29
52.220.108.100
52.223.2.229
54.169.113.206
54.169.228.246
54.179.66.231
54.213.2.161
54.71.61.99
67.199.150.82
67.199.150.87
67.205.171.186
69.173.151.100
69.173.158.64
69.173.158.92
74.118.186.106
74.118.186.107
74.214.196.131
79.127.230.245
80.77.87.108
80.77.87.161
89.149.193.113
98.82.157.231
01a3c68fa635623545d01483a20dd87ce2947ba27819607cd704b4d053012801
0305f69dce31a611ae03c3617d1026443fd5d1094fccf6d597abc6946e2609c9
04be17c7bf6650d3cb52f78bdf904f227fac5b91fba436c59847b02e3a190915
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0624dc6c81d0fa56d0a3777ed19d0647b08c825942f1b7d8907d783202162446
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
090b82a119da991dfb25cf544657685c94b076df21c98c4c6a718cffd4e5b52d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d644d044d92347b3636ff957a08955c27cc8b0fe73cde505b8789c220be7bb9
10b3d3fe727902aa797d19bbaa25c4b5e9738b420aa1e3aae70a77a9fe50b0e4
116e39f16808341ff98b9be5aa263f143a2e715be5da91f725bfc7b7d0881dc4
131b063816c6c579887fae31835e30f57f90d66b6e0c1e65c9a8aad55d6dcb67
139b31c08f90a423ecbc70bb84529127db75894a8bb23c4858e141f89cdc0a32
1421552a737df7b40a5fb8f531517a4e74cdaf75cf3431e1d337c9531f089e7f
14b1c7f4ba69d8abb4ee573de5f5fa51965c31f1d7411bcf745b576dc95445eb
15988b8db1378390e764f9bcb5c33d9ce9d7f940eb765c451b7cb67921cafb70
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1779d04b0f80132b580b269fdccef758a88839086cd39651bf85048a97a72b36
1994deb80166cd2236db3c24402cba820446f424dd8a45475777156d36e0e06d
19b1ae1fb5193525ff3b5956b6c3fa580191db636dcca30b2d3d1f3d88092873
1cb07c65022c4a1b31b9b2a1b8ca59618f0a43d1e8163a0d0a713237c5654915
1e02f95bb37ae11a5f1c50ec744d307eaa94f92d15d6c2c5b41270f9cb2cdab9
1f30428eec3f71e0c095f64c26d097de57f0e08dc33e0eb929bda524df2f3cd0
26513593b369bd20d4074c35344bfbbc0d50824443a722c11fb5915fe19f601d
2788f8c56fb7e819228c99cca4101ecb72b50836ad85a1c6632a89ca908f51cd
287da6139bcbf121bf8eddf3e451bc10bf81d50e174d9937cdb69613d57513fd
2a7c35a58c1ad79d4fc96dad3bf9ef24b49d9d439ad3fb9b454cdcfe7c445724
2b82fb8ff7c1b7a9499e6224e174dbac0320ec9c4c74a1089627841144228df0
2be38b9fe1aaae7195e99aee488fc23d8f8e3b4c0d908f078f71fa93510d43e0
2c624232cdd221771294dfbb310aca000a0df6ac8b66b696d90ef06fdefb64a3
2e1f5481042c018e071942d4e1ab92f5071da2aaa0609881fcdb03f75b3682e8
2eba9c91b824dbd87e60c31aa8beced03d7f21c6fbe38807a8825170c05d2b25
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
324c63e1f671c42393f71e3ca0d790c0551eef8cbd618624b3b1fb1df7cef126
33c70c297b1a729f965a6aca60b7b3bb7a3b06bd13efe07698516fa98ac8b9f9
33e0190de1f0361dba4defb01f1b0678957d175c919bd95cc766d94e1a9b52b4
382ee996d7dd5018b05e885c748449f08a6115b64f029eb93c9a65e4bb03fdca
398f44c9c65091944ecb4a30fb9086ba1fc847527bc61e76bf64d02c13d89927
39df885ce5b7090ecad25931397eeda98d7d6e0904b86048177edabd836d2047
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c92f69d1fb5b0bbd0ab88b8a06d1bcd5a3027e06a8845095198ec63b5c71065
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f39d5c348e5b79d06e842c114e6cc571583bbf44e4b0ebfda1a01ec05745d43
43b1d1432cee6d6968b68090aace7bfafdfbcf9e49fc971e2f3e38b3e30d1536
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
45d7de56a035af27c4813e9681b7a175aa12bd0283a71f84323b156f7a8b3428
492db2ca577f4d221e3e28239c19e7db05f1701b298bf278fc4d1fcb92563586
4b227777d4dd1fc61c6f884f48641d02b4d121d3fd328cb08b5531fcacdabf8a
4bd0dc07fd8484c9cb6b0aa330cfe35bda22799520f74065c7a3f355e72f0baa
4cb61370377e5d85901259a16fbca84f51f3ed9b7c5d7df89bbf1c7178f44dd1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1cd49b331b609f6da4fd9acd4b03e15290f51df0782d8cd269293ed580d422
5086dd2d76ad6f85300b6e9fc9d1ae5da26291d038f2b4817a000314e94f62d1
52024c00d02e08cceb375c074033497d177dc505d8f051268705ce6c41a25ed7
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553f5903dbca817268e45c6da63d3155439602ccef3df1e55f974df718492d64
559aead08264d5795d3909718cdd05abd49572e84fe55590eef31a88a08fdffd
5a9980abca3b078a7c67a296f602f48bb043c2167e0e8257addfe2d603643a07
5b16f54285d14b00c38628a019a6bad61daf89623464a4ba71c3a0e07a9ff823
5b3440667471d9d42e06d069967bbd6b7cd70fd225eff51d659e6b538ad3c8fb
5b9cfa0283d9a9f6a909df2b61c9933c11130343f08aec96cdd8f49c29972526
5e8020e3d61bfee03a48ca66498521053b0bdcc1a3d8791250ac9bf0f768cbf2
5fd7fc4b8be9c2eeb3efb728f0483d444e4a8db80f0597e4ef7950105638bb08
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
6062da8471bfc7325b01aee91f4cd691784d52bf89a470b130fe676813bedbe9
60eaebf0cdf840d24bfcf34f1bd31259010fb4e0b4598129b078791c974d80b9
6375ce7bba59b805522ad4f6c6d4d975da7c4c15500459b81805f52be1c1523a
6478236da4ae8d9298c45cb5637071c130a118ee8881c6c132d55f20a38d2a66
64990fa5f64f060db8892ec3c3936e418813a9dbc53450336c542c3f3c8ee765
653132f05e285c7345994f3ac2b0560261af382c96aac27e55beb31db17cd7de
6564eb80891836e2cc7058312f75671dd920fac0c652949c82d78c17c7afac6d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
69be017daf20c595f7ea82fe6cca020bcd57b3948461bf164566bbe4109a5e03
6b3152747ca2f3156245d7a15c855f37566093279bf6efaeb7cc5ee200a6eebe
6c54e3f3853e206bba65ac32fed392fc8771ba88a986a9e3ac079554e758a251
6fdb7c12792ebd6e785128456249178e9b508c9677a300df8fbc6e7520147baa
6fe1fbc5fae71983a4cedfd56075e539c6988f0a9a90f4ae8c538b7246e22b80
7027dbae67f41fadc9e72c562881a74709445fe9d0e983c208494889950918fb
73ac1e2196210a7e19368b152b45311c5c4c4aaac6773dddcbda167cc8e59eba
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a893bafdaec7865c12a18e3a82bfed1ac558be37a1c45aa75936cab98214dc
76310d6cf129e2f674d262ece1ab3f1651dc179e2220c350782ac22751ac6bb7
7902699be42c8a8e46fbbb4501726517e86b22c56a189f7625a6da49081b2451
7d7a6d697fe3aefd40dd8d1ba39ca7fdc2104a2b5734262f7ad0e66f35d323ca
7f03517e09c6abad4ce9968ecdae4906b9b918ecce3bfcd382274ea4f858d51d
7f955e3d246cad8925383139426b042bd3aade38e389fb7d1c2ecd889a5d1def
7fb087b79619f77994bd78fe964e578706eaaada1fed93343af20881644b8831
7fb63e9d9a4a00c01f2cf75afd831cd62b250b8e046b95bb6f4516f8061df624
81d8d52425f6249efc8c51d5cc51cd890c7234279586fdf1d863a207fa71a598
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398c064451b03b9fa505f061d2443e96bdb54d50144ade4886d2f11e80a12b4
84487283b5b6b3fa98e39c3e721c43c118996e6136da276a578d76a8d155fadb
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
86654bbfb15c7d2db42678c9c98557deef71b8ec18b2022b13161c82a77da9f1
891bfc3e83ff26166268ffb991a2ed89b8edcce81313518f6076f95632621a9f
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8f01b38fa7dd98a076abd34c7e465050b3bd5eee05d853f87492bb4110c43ff2
8fc07a580c8684dcdbe24b762c1c9d47514852481abf0f9b7cd847719dfa70c5
8fe73f4cb70999c58343d9b12bfab837820976ac9cebf4e4c4c87e06323cf1ed
90b1aac26d5126aed6ca497f87af5d2517e572d4fc6a5b043a6635b83ae30bdd
921950e7c750ad2f5d84225a8e721084f5d99012fb1cac54e73a58e6ba075fb3
93aaefa4ed28cf6069686ba7bdea46e90294135f50c3204157088fec1b0d57b0
93d4af1530b57ef459bcafc61f637794158630b2b9342933d22206d292ed4bef
975f35efb14db97259358a976f0b6191a0c4498f2a36c6c86d2b2e592dc8ab59
97fbdcc705816d4b6fdaeed920cc5b5f506f27bdc2c4c07418698f23994ea20e
9a5439abf0fae031cc682e4066901ed8176b38f3eb480f8dd156bf46675745cd
9a760d5349ba663509de5311527e5536ed479df1a61eb6ffdad8504d16d2d6ec
9e6992618e403c5fc4319e6bb48b1cfab5d5ac94bbaf80019479d5b129fef28f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0796a18d61391197f433e5e0edd061c26b7bd85fbe593590e115cc3a58e0b3d
a2aa2577c105dab138246b4e0a1f575b3c92c30d5aced108d3f73897bd46823f
a6d4b7e4b35b13e33c37e1234452dc1b33cc503d6727aa5b5b92bb7a6b8024d7
a77eaaef19da297f84e0525bed6e789298d7631e5db89666df3458abbc70c708
a86ef2999a5af962f217a9a65615a898748ee2b90882ef7120a613c20bab2501
a94f54b93473d123214c8abe137ad629318332fe1841b6d5f8dc4cd5b62b4667
a9f51566bd6705f7ea6ad54bb9deb449f795582d6529a0e22207b8981233ec58
a9fcf747153ed7cf8e73bbad0c9235f3dcf2e314eab4dd7e52983246f2b27543
aa1093ddd9a39cda81dfeffe179c1e9be0e2838426d96f208e351ac9ddd03810
ac6706f2f77aaab3b69118b5aaf8ed6eb062eb6f27fbd856ae91c88bb0617988
aca701811d62eb608d12b174231be1ceae3449fe0f4bc847469ff22aab8ca9a5
acc7435f8e161d697eb7319348fdf75f70febfe9a788949132dc8bee301bf663
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
accf2e634bcd5d4c278bb8d8e803cc3adcc95d01f266989004c719ec40a91c2a
ace62ef04152a429e5ce356f3cbd0bd3cd011a16b80b401cb5acf47748a23b39
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b123e11dd71854b0f11dfb2240cf705626c8675895461ced693dc1a748907c60
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c9941541a4f1b8fbcfdbf1b0761218f47340abfea8a044035b80d502b9f1f2
b25cb1947654f9d4b35f44d0847bccee50ab800b263f0b5632b0d914d3571981
b26646b4d9dc7719d7e504ee17c4cafcca7c7a1be96a63a7f6d370b348f2376b
b48e33952ffd734c4f1536fa1a8190b7c0439e80d9c96b647d9b580738ba7411
b6268200501ff8843250bba67849a1b66957d00371249a2b687a69a9ab465ece
b6bd3c5cd2fde939f16e74990308bbc62b3f554566c45219eed7ba8a0d7a9fb7
b757edda4683531eccd04a8b7e95e1c8c6ef39fe82ab5d3b06bf809886e59cf5
b804c068f367686218c1a9b3bfd9199140e67e02de8d139bd42c96e985419f9f
b8697e393ba098ccdc364c4e846f08bed2a43503106ba827c57bf965547a65fc
b8ccf9d62a53c73e672128e5ae9df11c7e8321f157a5e5e6e46fb3fbaa58057e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bb39709b3737f014ab48d5392f7fa7853741a6d1c3f92ea8925e03b38f78dd8f
bb930de795d1974fa4332a5b6349a845ab5240efa6e8fe7d730bae753e14e0a8
bc8974761974fb20b237a3998a2597c6efd3555c183836b6656984cc97bd8905
be7d046560a20df29485418ec014337b2a68c7cd5667724046b974fcdff58bac
beae10c368103db61d240c8b0b44708deb4a1635fa2476eed0301552749f9ac5
bf56a8ee61466025da3c91251cec9752d81cf8d7f97be0530803b00090e2b971
bfd86358c9a81ab8b083d0d12804deba200c2d1df8f24b9f5039b583d1479270
c0b5b4f46c004f3c2cac828e37e6d91dac9381ff28fae18505434d8f9157f5be
c15ad63c8fccd1373d5b6e9d1e2f61b452d7951174b84825421b4e45d2122c25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ccc4e672ce8e6da9035e7dd7a44a3e5c9ab6dab8496e45195384e101bdfff8
c79893583afa9916d453aba170a250b2e2a5e93dd031de31892efe7c40ec4843
ca3059eb3823a50467d74f4b9885f726d759e1799dc93b20a95c5cffbf9f3181
cc1d665ea7ac1c2039c9a6cc7aa7d8a90a26bef8922614ca9975960bd7f96ef8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d27929798b5075c1a98da65c8161a55bfdc793b2f8065eefd0fca4a0ca843688
d45fb067a0e37a5a186bc8f229d535078b8a9255edf06e7e270fbc66a129f4c3
d4735e3a265e16eee03f59718b9b5d03019c07d8b6c51f90da3a666eec13ab35
d8594d5438fe8d3f637d44380d686dd4ef99003577feb9bea9c23007edfac537
d9d17a44792958ec1df65d698ed89b1dd9e67f15dcd43e7cac0e1faee1e5947f
d9f863f0fa1501a1dbf9eaf2fdf9e615eefaaee73649a4542e2d176f02bf8964
dde489af8accc67efe91663fe49230fd741a5559ec020e010609a6f9b907c102
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7e70e5021544f4834bbee64a9e3789febc4be81470df629cad6ddb03320a5c
dfc11fab2f8242016cb03f4f75a1ca60e803adcbfc7c5c3bfd17fc489a2c0b42
e10045cb5eb314fc19c1311ed506fc9c4914b1e076e27400d99a06576b2d60dc
e2b4b8230cfee61662e1e7a6bbda22198e1926580b400eb726fbd9178ddb28c5
e2ef281c7184935c3c5d366ea2d7d4df02eaa4f89bd04dc9d202485058ffb72b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45a8805622e9616021cb445a0c29c4865adb6f2a85e386dd179be557b1b2808
e71d427c04395d529f05b1c72f400e403a6d8fef389f272ddaebc3c60598ca2b
e7f6c011776e8db7cd330b54174fd76f7d0216b612387a5ffcfb81e6f0919683
e8021102e2b0e031a8a16e11238d9a221c43fbf04df980a2c6a889020bc10709
e90ac97211ae6ec339f01e4053a7809818e59aa4fafb3b02ef68559b393bf907
ea226c146a672c42790699b22f3b75f863acecb5346a4b3d2a7b4222f9509c85
ebe597d200f7fd8db43a0c1c9e1ec49ac63556369548d7375fb77d0964abae71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c054522c9819d7217c8a8f2f9305dac76be3da3b885f1b04b1cc6314c69a4d
f1f84f75015d806964ab64f1e1a581b12fc5d9054370ec44bdae64600ac6ef26
f4d18d8573bab4e3c01e4dd6a676d538d17853a111a885c751a67b2d8bc28075
f60dfa7dc03332e293c76790aa260f37ef8345d68130bc2aec0c0215b6573be4
f67ab10ad4e4c53121b6a5fe4da9c10ddee905b978d3788d2723d7bfacbe28a9
f84c946c11a48d48575ca7dbfcbaaa91af7c28ef2194ea051726fd6cdbc7f211
f98d5fca3c93eb8086952c200e59dc21fc7b2ad893b5680cec00f4b7f2a38215
f9eedc13e2b65094ae7c6df41e2ed608b6ad3f4ecfcae345eca18ab69d5af2d7
fe580af08cd7c199b090d56f6147921371d3696127bfac4d66a4a48e6b65041e
ff835b66ff37ee4a4bf9de1a4446e07d37689ad2efb23f9262f01a0f9dbaa01c
ffdc3824a7ba6bd93c56f31bfb5583750635c140ab913cc937328c8607eaefa1

news.itsblossom.com Open in urlscan Pro 2a04:4e42:200::311 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

391 Requests

68 %HTTPS

28 %IPv6

76 Domains

150 Subdomains

102 IPs

11 Countries

7645 kBTransfer

14546 kBSize

161 Cookies

34 Outgoing links

Page URL History

Redirected requests

391 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

news.itsblossom.com Open in urlscan Pro
2a04:4e42:200::311 Public Scan

Screenshot
Live screenshot

Full Image

391
Requests

68 %
HTTPS

28 %
IPv6

76
Domains

150
Subdomains

102
IPs

11
Countries

7645 kB
Transfer

14546 kB
Size

161
Cookies

391 HTTP transactions
2 data transactions